Action not permitted
Modal body text goes here.
cve-2009-0217
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T04:24:18.400Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2009:1428", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1428.html" }, { "name": "ADV-2009-3122", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/3122" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.openoffice.org/security/cves/CVE-2009-0217.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=47526" }, { "name": "60799", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/60799" }, { "name": "GLSA-201408-19", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml" }, { "name": "PK80596", "tags": [ "vendor-advisory", "x_refsource_AIXAPAR", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?rs=180\u0026context=SSEQTP\u0026dc=D400\u0026uid=swg24023545\u0026loc=en_US\u0026cs=UTF-8\u0026lang=en\u0026rss=ct180websphere" }, { "name": "RHSA-2009:1200", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1200.html" }, { "name": "35776", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35776" }, { "name": "36162", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/36162" }, { "name": "36494", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/36494" }, { "name": "ADV-2009-2543", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/2543" }, { "name": "35858", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35858" }, { "name": "38695", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/38695" }, { "name": "269208", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-269208-1" }, { "name": "DSA-1995", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2010/dsa-1995" }, { "name": "HPSBUX02476", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=125787273209737\u0026w=2" }, { "name": "35853", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35853" }, { "name": "RHSA-2009:1637", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1637.html" }, { "name": "RHSA-2009:1694", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-1694.html" }, { "name": "35852", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35852" }, { "name": "35854", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35854" }, { "name": "34461", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34461" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/WDON-7TY529" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mono-project.com/Vulnerabilities" }, { "name": "1020710", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020710.1-1" }, { "name": "USN-903-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-903-1" }, { "name": "35671", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/35671" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=47527" }, { "name": "ADV-2010-0366", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/0366" }, { "name": "55907", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://osvdb.org/55907" }, { "name": "MDVSA-2009:209", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:209" }, { "name": "SUSE-SA:2010:017", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00005.html" }, { "name": "38567", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/38567" }, { "name": "FEDORA-2009-8329", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html" }, { "name": "263429", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-263429-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://blogs.sun.com/security/entry/cert_vulnerability_note_vu_466161" }, { "name": "SSRT090250", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=125787273209737\u0026w=2" }, { "name": "ADV-2009-1900", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1900" }, { "name": "1022561", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1022561" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html" }, { "name": "37671", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37671" }, { "name": "VU#466161", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/466161" }, { "name": "1022567", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1022567" }, { "name": "RHSA-2009:1636", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1636.html" }, { "name": "PK80627", "tags": [ "vendor-advisory", "x_refsource_AIXAPAR", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?rs=180\u0026context=SSEQTP\u0026dc=D400\u0026uid=swg24023723\u0026loc=en_US\u0026cs=UTF-8\u0026lang=en\u0026rss=ct180websphere" }, { "name": "RHSA-2009:1649", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1649.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/cpujul2009-091332.html" }, { "name": "TA09-294A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-294A.html" }, { "name": "ADV-2009-1909", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1909" }, { "name": "ADV-2010-0635", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/0635" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://svn.apache.org/viewvc?revision=794013\u0026view=revision" }, { "name": "38568", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/38568" }, { "name": "36180", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/36180" }, { "name": "FEDORA-2009-8456", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00494.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.w3.org/2008/06/xmldsigcore-errata.html#e03" }, { "name": "USN-826-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/826-1/" }, { "name": "37841", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37841" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125136-16-1" }, { "name": "35855", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35855" }, { "name": "FEDORA-2009-8473", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00505.html" }, { "name": "36176", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/36176" }, { "name": "oval:org.mitre.oval:def:7158", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7158" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.w3.org/QA/2009/07/hmac_truncation_in_xml_signatu.html" }, { "name": "ADV-2009-1908", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1908" }, { "name": "FEDORA-2009-8337", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.gnome.org/cgit/xmlsec/commit/?id=34b349675af9f72eb822837a8772cc1ead7115c7" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?rs=180\u0026uid=swg21384925" }, { "name": "41818", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/41818" }, { "name": "1022661", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1022661" }, { "name": "37300", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37300" }, { "name": "ADV-2009-1911", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1911" }, { "name": "APPLE-SA-2009-09-03-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html" }, { "name": "SUSE-SA:2009:053", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html" }, { "name": "oval:org.mitre.oval:def:8717", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8717" }, { "name": "RHSA-2009:1201", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1201.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.gnome.org/cgit/xmlsec/patch/?id=34b349675af9f72eb822837a8772cc1ead7115c7" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/MAPG-7TSKXQ" }, { "name": "TA10-159B", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA10-159B.html" }, { "name": "oval:org.mitre.oval:def:10186", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10186" }, { "name": "55895", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://osvdb.org/55895" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.aleksey.com/xmlsec/" }, { "name": "MS10-041", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-041" }, { "name": "38921", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/38921" }, { "name": "RHSA-2009:1650", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1650.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=511915" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2009-07-14T00:00:00", "descriptions": [ { "lang": "en", "value": "The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, and 8.1 SP6; (3) Mono before 2.4.2.2; (4) XML Security Library before 1.2.12; (5) IBM WebSphere Application Server Versions 6.0 through 6.0.2.33, 6.1 through 6.1.0.23, and 7.0 through 7.0.0.1; (6) Sun JDK and JRE Update 14 and earlier; (7) Microsoft .NET Framework 3.0 through 3.0 SP2, 3.5, and 4.0; and other products uses a parameter that defines an HMAC truncation length (HMACOutputLength) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc" }, "references": [ { "name": "RHSA-2009:1428", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1428.html" }, { "name": "ADV-2009-3122", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/3122" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.openoffice.org/security/cves/CVE-2009-0217.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=47526" }, { "name": "60799", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/60799" }, { "name": "GLSA-201408-19", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml" }, { "name": "PK80596", "tags": [ "vendor-advisory", "x_refsource_AIXAPAR" ], "url": "http://www-01.ibm.com/support/docview.wss?rs=180\u0026context=SSEQTP\u0026dc=D400\u0026uid=swg24023545\u0026loc=en_US\u0026cs=UTF-8\u0026lang=en\u0026rss=ct180websphere" }, { "name": "RHSA-2009:1200", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1200.html" }, { "name": "35776", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35776" }, { "name": "36162", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/36162" }, { "name": "36494", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/36494" }, { "name": "ADV-2009-2543", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/2543" }, { "name": "35858", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35858" }, { "name": "38695", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/38695" }, { "name": "269208", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-269208-1" }, { "name": "DSA-1995", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2010/dsa-1995" }, { "name": "HPSBUX02476", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=125787273209737\u0026w=2" }, { "name": "35853", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35853" }, { "name": "RHSA-2009:1637", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1637.html" }, { "name": "RHSA-2009:1694", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-1694.html" }, { "name": "35852", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35852" }, { "name": "35854", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35854" }, { "name": "34461", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34461" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.kb.cert.org/vuls/id/WDON-7TY529" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mono-project.com/Vulnerabilities" }, { "name": "1020710", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020710.1-1" }, { "name": "USN-903-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-903-1" }, { "name": "35671", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/35671" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=47527" }, { "name": "ADV-2010-0366", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/0366" }, { "name": "55907", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://osvdb.org/55907" }, { "name": "MDVSA-2009:209", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:209" }, { "name": "SUSE-SA:2010:017", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00005.html" }, { "name": "38567", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/38567" }, { "name": "FEDORA-2009-8329", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html" }, { "name": "263429", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-263429-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://blogs.sun.com/security/entry/cert_vulnerability_note_vu_466161" }, { "name": "SSRT090250", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=125787273209737\u0026w=2" }, { "name": "ADV-2009-1900", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1900" }, { "name": "1022561", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1022561" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html" }, { "name": "37671", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37671" }, { "name": "VU#466161", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/466161" }, { "name": "1022567", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1022567" }, { "name": "RHSA-2009:1636", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1636.html" }, { "name": "PK80627", "tags": [ "vendor-advisory", "x_refsource_AIXAPAR" ], "url": "http://www-01.ibm.com/support/docview.wss?rs=180\u0026context=SSEQTP\u0026dc=D400\u0026uid=swg24023723\u0026loc=en_US\u0026cs=UTF-8\u0026lang=en\u0026rss=ct180websphere" }, { "name": "RHSA-2009:1649", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1649.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/cpujul2009-091332.html" }, { "name": "TA09-294A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-294A.html" }, { "name": "ADV-2009-1909", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1909" }, { "name": "ADV-2010-0635", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/0635" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://svn.apache.org/viewvc?revision=794013\u0026view=revision" }, { "name": "38568", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/38568" }, { "name": "36180", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/36180" }, { "name": "FEDORA-2009-8456", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00494.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.w3.org/2008/06/xmldsigcore-errata.html#e03" }, { "name": "USN-826-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/826-1/" }, { "name": "37841", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37841" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125136-16-1" }, { "name": "35855", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35855" }, { "name": "FEDORA-2009-8473", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00505.html" }, { "name": "36176", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/36176" }, { "name": "oval:org.mitre.oval:def:7158", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7158" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.w3.org/QA/2009/07/hmac_truncation_in_xml_signatu.html" }, { "name": "ADV-2009-1908", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1908" }, { "name": "FEDORA-2009-8337", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.gnome.org/cgit/xmlsec/commit/?id=34b349675af9f72eb822837a8772cc1ead7115c7" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www-01.ibm.com/support/docview.wss?rs=180\u0026uid=swg21384925" }, { "name": "41818", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/41818" }, { "name": "1022661", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1022661" }, { "name": "37300", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37300" }, { "name": "ADV-2009-1911", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1911" }, { "name": "APPLE-SA-2009-09-03-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html" }, { "name": "SUSE-SA:2009:053", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html" }, { "name": "oval:org.mitre.oval:def:8717", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8717" }, { "name": "RHSA-2009:1201", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1201.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.gnome.org/cgit/xmlsec/patch/?id=34b349675af9f72eb822837a8772cc1ead7115c7" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.kb.cert.org/vuls/id/MAPG-7TSKXQ" }, { "name": "TA10-159B", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA10-159B.html" }, { "name": "oval:org.mitre.oval:def:10186", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10186" }, { "name": "55895", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://osvdb.org/55895" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.aleksey.com/xmlsec/" }, { "name": "MS10-041", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-041" }, { "name": "38921", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/38921" }, { "name": "RHSA-2009:1650", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1650.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=511915" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cert@cert.org", "ID": "CVE-2009-0217", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, and 8.1 SP6; (3) Mono before 2.4.2.2; (4) XML Security Library before 1.2.12; (5) IBM WebSphere Application Server Versions 6.0 through 6.0.2.33, 6.1 through 6.1.0.23, and 7.0 through 7.0.0.1; (6) Sun JDK and JRE Update 14 and earlier; (7) Microsoft .NET Framework 3.0 through 3.0 SP2, 3.5, and 4.0; and other products uses a parameter that defines an HMAC truncation length (HMACOutputLength) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2009:1428", "refsource": "REDHAT", "url": "https://rhn.redhat.com/errata/RHSA-2009-1428.html" }, { "name": "ADV-2009-3122", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/3122" }, { "name": "http://www.openoffice.org/security/cves/CVE-2009-0217.html", "refsource": "CONFIRM", "url": "http://www.openoffice.org/security/cves/CVE-2009-0217.html" }, { "name": "https://issues.apache.org/bugzilla/show_bug.cgi?id=47526", "refsource": "CONFIRM", "url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=47526" }, { "name": "60799", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/60799" }, { "name": "GLSA-201408-19", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml" }, { "name": "PK80596", "refsource": "AIXAPAR", "url": "http://www-01.ibm.com/support/docview.wss?rs=180\u0026context=SSEQTP\u0026dc=D400\u0026uid=swg24023545\u0026loc=en_US\u0026cs=UTF-8\u0026lang=en\u0026rss=ct180websphere" }, { "name": "RHSA-2009:1200", "refsource": "REDHAT", "url": "https://rhn.redhat.com/errata/RHSA-2009-1200.html" }, { "name": "35776", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35776" }, { "name": "36162", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/36162" }, { "name": "36494", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/36494" }, { "name": "ADV-2009-2543", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/2543" }, { "name": "35858", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35858" }, { "name": "38695", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/38695" }, { "name": "269208", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-269208-1" }, { "name": "DSA-1995", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2010/dsa-1995" }, { "name": "HPSBUX02476", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=125787273209737\u0026w=2" }, { "name": "35853", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35853" }, { "name": "RHSA-2009:1637", "refsource": "REDHAT", "url": "https://rhn.redhat.com/errata/RHSA-2009-1637.html" }, { "name": "RHSA-2009:1694", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2009-1694.html" }, { "name": "35852", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35852" }, { "name": "35854", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35854" }, { "name": "34461", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/34461" }, { "name": "http://www.kb.cert.org/vuls/id/WDON-7TY529", "refsource": "CONFIRM", "url": "http://www.kb.cert.org/vuls/id/WDON-7TY529" }, { "name": "http://www.mono-project.com/Vulnerabilities", "refsource": "CONFIRM", "url": "http://www.mono-project.com/Vulnerabilities" }, { "name": "1020710", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020710.1-1" }, { "name": "USN-903-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-903-1" }, { "name": "35671", "refsource": "BID", "url": "http://www.securityfocus.com/bid/35671" }, { "name": "https://issues.apache.org/bugzilla/show_bug.cgi?id=47527", "refsource": "CONFIRM", "url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=47527" }, { "name": "ADV-2010-0366", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/0366" }, { "name": "55907", "refsource": "OSVDB", "url": "http://osvdb.org/55907" }, { "name": "MDVSA-2009:209", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:209" }, { "name": "SUSE-SA:2010:017", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00005.html" }, { "name": "38567", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/38567" }, { "name": "FEDORA-2009-8329", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html" }, { "name": "263429", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-263429-1" }, { "name": "http://blogs.sun.com/security/entry/cert_vulnerability_note_vu_466161", "refsource": "CONFIRM", "url": "http://blogs.sun.com/security/entry/cert_vulnerability_note_vu_466161" }, { "name": "SSRT090250", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=125787273209737\u0026w=2" }, { "name": "ADV-2009-1900", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/1900" }, { "name": "1022561", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1022561" }, { "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html" }, { "name": "37671", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/37671" }, { "name": "VU#466161", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/466161" }, { "name": "1022567", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1022567" }, { "name": "RHSA-2009:1636", "refsource": "REDHAT", "url": "https://rhn.redhat.com/errata/RHSA-2009-1636.html" }, { "name": "PK80627", "refsource": "AIXAPAR", "url": "http://www-01.ibm.com/support/docview.wss?rs=180\u0026context=SSEQTP\u0026dc=D400\u0026uid=swg24023723\u0026loc=en_US\u0026cs=UTF-8\u0026lang=en\u0026rss=ct180websphere" }, { "name": "RHSA-2009:1649", "refsource": "REDHAT", "url": "https://rhn.redhat.com/errata/RHSA-2009-1649.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/cpujul2009-091332.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpujul2009-091332.html" }, { "name": "TA09-294A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA09-294A.html" }, { "name": "ADV-2009-1909", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/1909" }, { "name": "ADV-2010-0635", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/0635" }, { "name": "http://svn.apache.org/viewvc?revision=794013\u0026view=revision", "refsource": "CONFIRM", "url": "http://svn.apache.org/viewvc?revision=794013\u0026view=revision" }, { "name": "38568", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/38568" }, { "name": "36180", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/36180" }, { "name": "FEDORA-2009-8456", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00494.html" }, { "name": "http://www.w3.org/2008/06/xmldsigcore-errata.html#e03", "refsource": "CONFIRM", "url": "http://www.w3.org/2008/06/xmldsigcore-errata.html#e03" }, { "name": "USN-826-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/826-1/" }, { "name": "37841", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/37841" }, { "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html" }, { "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125136-16-1", "refsource": "CONFIRM", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125136-16-1" }, { "name": "35855", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35855" }, { "name": "FEDORA-2009-8473", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00505.html" }, { "name": "36176", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/36176" }, { "name": "oval:org.mitre.oval:def:7158", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7158" }, { "name": "http://www.w3.org/QA/2009/07/hmac_truncation_in_xml_signatu.html", "refsource": "MISC", "url": "http://www.w3.org/QA/2009/07/hmac_truncation_in_xml_signatu.html" }, { "name": "ADV-2009-1908", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/1908" }, { "name": "FEDORA-2009-8337", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html" }, { "name": "http://git.gnome.org/cgit/xmlsec/commit/?id=34b349675af9f72eb822837a8772cc1ead7115c7", "refsource": "CONFIRM", "url": "http://git.gnome.org/cgit/xmlsec/commit/?id=34b349675af9f72eb822837a8772cc1ead7115c7" }, { "name": "http://www-01.ibm.com/support/docview.wss?rs=180\u0026uid=swg21384925", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?rs=180\u0026uid=swg21384925" }, { "name": "41818", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/41818" }, { "name": "1022661", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1022661" }, { "name": "37300", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/37300" }, { "name": "ADV-2009-1911", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/1911" }, { "name": "APPLE-SA-2009-09-03-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html" }, { "name": "SUSE-SA:2009:053", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html" }, { "name": "oval:org.mitre.oval:def:8717", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8717" }, { "name": "RHSA-2009:1201", "refsource": "REDHAT", "url": "https://rhn.redhat.com/errata/RHSA-2009-1201.html" }, { "name": "http://git.gnome.org/cgit/xmlsec/patch/?id=34b349675af9f72eb822837a8772cc1ead7115c7", "refsource": "CONFIRM", "url": "http://git.gnome.org/cgit/xmlsec/patch/?id=34b349675af9f72eb822837a8772cc1ead7115c7" }, { "name": "http://www.kb.cert.org/vuls/id/MAPG-7TSKXQ", "refsource": "CONFIRM", "url": "http://www.kb.cert.org/vuls/id/MAPG-7TSKXQ" }, { "name": "TA10-159B", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA10-159B.html" }, { "name": "oval:org.mitre.oval:def:10186", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10186" }, { "name": "55895", "refsource": "OSVDB", "url": "http://osvdb.org/55895" }, { "name": "http://www.aleksey.com/xmlsec/", "refsource": "CONFIRM", "url": "http://www.aleksey.com/xmlsec/" }, { "name": "MS10-041", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-041" }, { "name": "38921", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/38921" }, { "name": "RHSA-2009:1650", "refsource": "REDHAT", "url": "https://rhn.redhat.com/errata/RHSA-2009-1650.html" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=511915", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=511915" } ] } } } }, "cveMetadata": { "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "assignerShortName": "certcc", "cveId": "CVE-2009-0217", "datePublished": "2009-07-14T23:00:00", "dateReserved": "2009-01-20T00:00:00", "dateUpdated": "2024-08-07T04:24:18.400Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2009-0217\",\"sourceIdentifier\":\"cret@cert.org\",\"published\":\"2009-07-14T23:30:00.187\",\"lastModified\":\"2018-10-12T21:49:44.190\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, and 8.1 SP6; (3) Mono before 2.4.2.2; (4) XML Security Library before 1.2.12; (5) IBM WebSphere Application Server Versions 6.0 through 6.0.2.33, 6.1 through 6.1.0.23, and 7.0 through 7.0.0.1; (6) Sun JDK and JRE Update 14 and earlier; (7) Microsoft .NET Framework 3.0 through 3.0 SP2, 3.5, and 4.0; and other products uses a parameter that defines an HMAC truncation length (HMACOutputLength) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits.\"},{\"lang\":\"es\",\"value\":\"El dise\u00f1o de la recomendaci\u00f3n de W3C XML Signature Syntax and Processing (XMLDsig), tal y como es implementado en productos que incluyen (1) el componente Oracle Security Developer Tools de Application Server de Oracle en versiones 10.1.2.3, 10.1.3.4 y 10.1.4.3IM; (2) el componente WebLogic Server de Product Suite de BEA en las versiones 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0 y 8.1 SP6; (3) Mono anterior a versi\u00f3n 2.4.2.2; (4) XML Security Library anterior a versi\u00f3n 1.2.12; (5) WebSphere Application Server de IBM versiones 6.0 hasta 6.0.2.33, versiones 6.1 hasta 6.1.0.23 y versiones 7.0 hasta 7.0.0.1; (6) JDK y JRE de Sun Update 14 y versiones anteriores; (7) .NET Framework de Microsoft versiones 3.0 hasta 3.0 SP2, versiones 3.5 y 4.0; y otros productos utilizan un par\u00e1metro que define una longitud de truncamiento HMAC (HMACOutputLength) pero no requiere un m\u00ednimo para esta longitud, lo que permite a los atacantes suplantar firmas basadas en HMAC y omitir la autenticaci\u00f3n mediante la especificaci\u00f3n de una longitud de truncamiento con un peque\u00f1o n\u00famero de bits.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\",\"baseScore\":5.0},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"01F45BA3-6504-47AF-B757-7B6D3526FBF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.0.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3E6D6AF-0D69-4605-B871-6DAE01CF08EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.0.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5EE7744-4584-4AE4-9F27-11EFAA002E77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.0.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DE0C501-4062-49D0-8983-5E92765C7181\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE27E903-6D65-4D29-9583-43FB4CB473B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.0.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A754DD5-585B-4E89-9C01-2B47D2F5F6F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.0.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D40DEF90-CE7F-46BB-A6FF-50C1797866B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.0.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5AAA544-D3F8-4AE2-BB2D-A64CB86EC988\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.0.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C7D4ECD-8787-4F9B-B81C-C0DFD8DD20EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.0.1.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C43D3515-D9F5-4DC8-A030-9F97593495F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.0.1.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1968803-FF03-477C-81FE-87528FC6DF6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.0.1.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62C1CA3B-E575-4531-A336-8BFC9F5DEC26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.0.1.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6C130982-8C6E-413E-8296-C9C277FCBE6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.0.1.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E1790E4-073A-4666-80CB-4D967928A0BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.0.1.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6239EEAE-5852-4DF7-8627-87139BBB03B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"714C405D-1E8F-45C1-8A09-5103F0080C76\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.0.2:*:fp17:*:*:*:*:*\",\"matchCriteriaId\":\"D592217D-3489-40AE-8338-BF5AA5BBA251\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.0.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7F31FD3-8681-4F07-9644-5CC87D512520\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.0.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2604E01-E43E-4882-8896-5E646E850286\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.0.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"458BAD79-958E-4665-B1F8-0D46E0C57045\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.0.2.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A98E5593-1534-48E2-8CD5-B2D1CACDDAB8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.0.2.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB4AB6BD-4439-4100-A3CE-4600AED10B65\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.0.2.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD71D5EA-9AF5-422C-810A-D136A5F132F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.0.2.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"375DF4AF-3C7C-47C3-BBB8-AF2B3827AC13\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.0.2.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C9D6BDA-39E1-4D15-9D86-E212809998FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.0.2.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"91CC2DA7-BAA6-4061-8D0C-81F002DEF06D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.0.2.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F2A78FE-8FA6-4532-9E9E-CF6F860EFAE9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.0.2.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"59BEDD70-B6DB-448F-A998-3E8774B0DB8C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.0.2.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63099EF9-0512-44CD-946A-9B25144E50D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.0.2.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F200042C-D45E-4CAD-BF6E-E3DADF4D1D21\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.0.2.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9132BB1-5E2E-4CA6-9B63-027CF2A7229D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.0.2.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D839EDB9-A44F-4F7F-94EF-1A77371D705C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.0.2.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4421929D-C4B9-43C5-BE61-E68484D3B198\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.0.2.23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB622117-C91F-47D2-9832-B7DB340796E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.0.2.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D65E0CC-FA8C-41FD-B256-47DB0C9757FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.0.2.25:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D87691D-0719-4447-B258-5FA2BD10F11A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.0.2.28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D0B1A00-191D-49B2-8841-FB6C48A5D0C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.0.2.29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF771E28-65AC-4A94-8A51-4EA77BC3D0B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.0.2.30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5594891-E790-44E7-BC9E-0A413B385E1B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.0.2.31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C286007A-361F-47BB-A099-E041D5CF6E48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.0.2.32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD464F13-942D-40EC-8144-6D23A0AEAA81\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.0.2.33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"05BC8C52-DA95-4BF2-AD47-9922741CAAF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B9CDD56-921C-4FAF-87E2-14B91EC1A93D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95255265-6D69-46D3-9FFA-8EDB1734375C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.1.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E4191D3-64AB-482C-9DEF-DD04C4C942CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.1.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5FC6EB31-9707-408B-8BF5-66BD23441A75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.1.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B73E052-AF4F-4543-AA03-F5B1FA976EA8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.1.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"23171B81-C991-467A-95A4-EDDAC59C37BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.1.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CBD75308-7F21-4DDF-AD66-C155CF4B721B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.1.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2586C584-3258-414B-AB28-1EBA0DBD0B83\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.1.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"431C250D-8279-4071-871C-1C7C4DE09B5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.1.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCA175EA-EDC6-4228-8E28-E9BBC981E60A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.1.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC300B03-7A8F-4E96-B55D-18CC258BBFCF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.1.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6A4EC9D-98C2-40B0-BA40-4838FE8D1FF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.1.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3A3ADFB-93E0-42E5-B31B-59F22EA4E3EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.1.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7AF5BB33-4E78-4123-8093-EBEE2F2B5598\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.1.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3F4B8EA-9299-42C1-AAFB-831701ED2FA2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.1.0.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A45B6F32-5DFF-4833-9F0F-89576724CF97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.1.0.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"13C8054A-8581-4936-AF94-291AE56EB4DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.1.0.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"13CA9A59-DFE4-4566-8719-E6FA4720F06A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.1.0.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"026EBFCD-0BC1-404B-BC14-292F35BE667A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.1.0.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A89DD1BF-4AB0-480D-9856-B1BEA73A4AAD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.1.0.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B13D74F8-4321-48B3-A33E-FCCFA93013CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.1.0.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49E119EF-B6A5-4B6C-B199-C64F62CA7CB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.1.0.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2043B836-3950-46A1-89E4-08985DEA0D33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.1.0.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9C8FA3D-9162-4D9B-8250-FAC93ED77A2D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.1.0.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5EE93B7F-3EB5-4BE4-BFAA-4AA30D15A76D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:6.1.0.23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E06DE5D4-D3A5-4783-ACE0-A80808DB09C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0905C80-A1BA-49CD-90CA-9270ECC3940C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:7.0.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B108457A-50DC-4432-9E30-98ADBEBF2389\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mono_project:mono:1.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"403E554C-FD1B-42CE-82C2-43CC191905DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mono_project:mono:1.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78278FE6-26EA-4E89-9423-EABA6C4D8877\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mono_project:mono:1.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15E1695E-FD6E-4602-9BD9-9CFFF20574CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mono_project:mono:1.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"691B3AF1-7F3F-4A7D-9F16-FE6044E33482\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mono_project:mono:1.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2DE3739-A2ED-47D7-9AE9-442A95ACFC3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mono_project:mono:1.2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDAB5331-AD2E-483C-93C3-8095BBBA0572\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mono_project:mono:1.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3CC03DC-14A6-4C45-9511-7CE8E7F727BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mono_project:mono:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C71A1398-8AA5-4AB3-89C8-E2E2B36FA5AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:application_server:10.1.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"96C617ED-3D8C-4B64-A56A-30BDE6E9B8D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:application_server:10.1.3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D41A0A9E-6B5B-4FA9-996B-E589B96C24D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:application_server:10.1.4.3im:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25672ED0-9830-48B3-899A-405B97E2229A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:bea_product_suite:8.1:sp6:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B8AB045-051A-477E-B2F7-4057826C43F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:bea_product_suite:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B5D9ABA-10EE-4EE2-9814-BDFBBE9A6014\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:bea_product_suite:9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09215858-8A4F-4595-98DD-39027EC6CC1A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:bea_product_suite:9.2:mp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7390B6A-7944-4509-B499-5B51DB9BF42E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:bea_product_suite:10.0:mp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"193516AD-8096-4A6E-9C4B-4B9717DD7021\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:bea_product_suite:10.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B1C64BD-7C8C-4B28-9EA8-5198B6C71AD1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server_component:8.1:sp6:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3B986B9-A82B-4087-808E-854EC443AC3C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server_component:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6AF95249-8970-406B-B874-4B9925471C27\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server_component:9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD536DD6-AF76-4075-8B28-322FB65793AE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server_component:9.2:mp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BDA1940-A3F4-4CEC-BDD0-B098B2E27CE5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server_component:10.0:mp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"3BB8A45D-95E5-4F14-A51A-29B5A6E45F43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server_component:10.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E3D253B-73D7-4916-B5E4-9D553741E98C\"}]}]}],\"references\":[{\"url\":\"http://blogs.sun.com/security/entry/cert_vulnerability_note_vu_466161\",\"source\":\"cret@cert.org\"},{\"url\":\"http://git.gnome.org/cgit/xmlsec/commit/?id=34b349675af9f72eb822837a8772cc1ead7115c7\",\"source\":\"cret@cert.org\"},{\"url\":\"http://git.gnome.org/cgit/xmlsec/patch/?id=34b349675af9f72eb822837a8772cc1ead7115c7\",\"source\":\"cret@cert.org\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html\",\"source\":\"cret@cert.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html\",\"source\":\"cret@cert.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00005.html\",\"source\":\"cret@cert.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=125787273209737\u0026w=2\",\"source\":\"cret@cert.org\"},{\"url\":\"http://osvdb.org/55895\",\"source\":\"cret@cert.org\"},{\"url\":\"http://osvdb.org/55907\",\"source\":\"cret@cert.org\"},{\"url\":\"http://secunia.com/advisories/34461\",\"source\":\"cret@cert.org\"},{\"url\":\"http://secunia.com/advisories/35776\",\"source\":\"cret@cert.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/35852\",\"source\":\"cret@cert.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/35853\",\"source\":\"cret@cert.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/35854\",\"source\":\"cret@cert.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/35855\",\"source\":\"cret@cert.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/35858\",\"source\":\"cret@cert.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/36162\",\"source\":\"cret@cert.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/36176\",\"source\":\"cret@cert.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/36180\",\"source\":\"cret@cert.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/36494\",\"source\":\"cret@cert.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/37300\",\"source\":\"cret@cert.org\"},{\"url\":\"http://secunia.com/advisories/37671\",\"source\":\"cret@cert.org\"},{\"url\":\"http://secunia.com/advisories/37841\",\"source\":\"cret@cert.org\"},{\"url\":\"http://secunia.com/advisories/38567\",\"source\":\"cret@cert.org\"},{\"url\":\"http://secunia.com/advisories/38568\",\"source\":\"cret@cert.org\"},{\"url\":\"http://secunia.com/advisories/38695\",\"source\":\"cret@cert.org\"},{\"url\":\"http://secunia.com/advisories/38921\",\"source\":\"cret@cert.org\"},{\"url\":\"http://secunia.com/advisories/41818\",\"source\":\"cret@cert.org\"},{\"url\":\"http://secunia.com/advisories/60799\",\"source\":\"cret@cert.org\"},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-21-125136-16-1\",\"source\":\"cret@cert.org\"},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-66-263429-1\",\"source\":\"cret@cert.org\"},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-66-269208-1\",\"source\":\"cret@cert.org\"},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020710.1-1\",\"source\":\"cret@cert.org\"},{\"url\":\"http://svn.apache.org/viewvc?revision=794013\u0026view=revision\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?rs=180\u0026context=SSEQTP\u0026dc=D400\u0026uid=swg24023545\u0026loc=en_US\u0026cs=UTF-8\u0026lang=en\u0026rss=ct180websphere\",\"source\":\"cret@cert.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?rs=180\u0026context=SSEQTP\u0026dc=D400\u0026uid=swg24023723\u0026loc=en_US\u0026cs=UTF-8\u0026lang=en\u0026rss=ct180websphere\",\"source\":\"cret@cert.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?rs=180\u0026uid=swg21384925\",\"source\":\"cret@cert.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.aleksey.com/xmlsec/\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.debian.org/security/2010/dsa-1995\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.kb.cert.org/vuls/id/466161\",\"source\":\"cret@cert.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/MAPG-7TSKXQ\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.kb.cert.org/vuls/id/WDON-7TY529\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2009:209\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.mono-project.com/Vulnerabilities\",\"source\":\"cret@cert.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.openoffice.org/security/cves/CVE-2009-0217.html\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpujul2009-091332.html\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2009-1694.html\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.securityfocus.com/bid/35671\",\"source\":\"cret@cert.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securitytracker.com/id?1022561\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.securitytracker.com/id?1022567\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.securitytracker.com/id?1022661\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.ubuntu.com/usn/USN-903-1\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA09-294A.html\",\"source\":\"cret@cert.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA10-159B.html\",\"source\":\"cret@cert.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/1900\",\"source\":\"cret@cert.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/1908\",\"source\":\"cret@cert.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/1909\",\"source\":\"cret@cert.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/1911\",\"source\":\"cret@cert.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/2543\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2009/3122\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/0366\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/0635\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.w3.org/2008/06/xmldsigcore-errata.html#e03\",\"source\":\"cret@cert.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.w3.org/QA/2009/07/hmac_truncation_in_xml_signatu.html\",\"source\":\"cret@cert.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=511915\",\"source\":\"cret@cert.org\"},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-041\",\"source\":\"cret@cert.org\"},{\"url\":\"https://issues.apache.org/bugzilla/show_bug.cgi?id=47526\",\"source\":\"cret@cert.org\"},{\"url\":\"https://issues.apache.org/bugzilla/show_bug.cgi?id=47527\",\"source\":\"cret@cert.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10186\",\"source\":\"cret@cert.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7158\",\"source\":\"cret@cert.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8717\",\"source\":\"cret@cert.org\"},{\"url\":\"https://rhn.redhat.com/errata/RHSA-2009-1200.html\",\"source\":\"cret@cert.org\"},{\"url\":\"https://rhn.redhat.com/errata/RHSA-2009-1201.html\",\"source\":\"cret@cert.org\"},{\"url\":\"https://rhn.redhat.com/errata/RHSA-2009-1428.html\",\"source\":\"cret@cert.org\"},{\"url\":\"https://rhn.redhat.com/errata/RHSA-2009-1636.html\",\"source\":\"cret@cert.org\"},{\"url\":\"https://rhn.redhat.com/errata/RHSA-2009-1637.html\",\"source\":\"cret@cert.org\"},{\"url\":\"https://rhn.redhat.com/errata/RHSA-2009-1649.html\",\"source\":\"cret@cert.org\"},{\"url\":\"https://rhn.redhat.com/errata/RHSA-2009-1650.html\",\"source\":\"cret@cert.org\"},{\"url\":\"https://usn.ubuntu.com/826-1/\",\"source\":\"cret@cert.org\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html\",\"source\":\"cret@cert.org\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html\",\"source\":\"cret@cert.org\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00494.html\",\"source\":\"cret@cert.org\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00505.html\",\"source\":\"cret@cert.org\"}]}}" } }
rhsa-2009_1201
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated java-1.6.0-openjdk packages that fix several security issues and a\nbug are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team.", "title": "Topic" }, { "category": "general", "text": "These packages provide the OpenJDK 6 Java Runtime Environment and the\nOpenJDK 6 Software Development Kit. The Java Runtime Environment (JRE)\ncontains the software and tools that users need to run applications written\nusing the Java programming language.\n\nA flaw was found in the way the XML Digital Signature implementation in the\nJRE handled HMAC-based XML signatures. An attacker could use this flaw to\ncreate a crafted signature that could allow them to bypass authentication,\nor trick a user, applet, or application into accepting untrusted content.\n(CVE-2009-0217)\n\nSeveral potential information leaks were found in various mutable static\nvariables. These could be exploited in application scenarios that execute\nuntrusted scripting code. (CVE-2009-2475)\n\nIt was discovered that OpenType checks can be bypassed. This could allow a\nrogue application to bypass access restrictions by acquiring references to\nprivileged objects through finalizer resurrection. (CVE-2009-2476)\n\nA denial of service flaw was found in the way the JRE processes XML. A\nremote attacker could use this flaw to supply crafted XML that would lead\nto a denial of service. (CVE-2009-2625)\n\nA flaw was found in the JRE audio system. An untrusted applet or\napplication could use this flaw to gain read access to restricted System\nproperties. (CVE-2009-2670)\n\nTwo flaws were found in the JRE proxy implementation. An untrusted applet\nor application could use these flaws to discover the usernames of users\nrunning applets and applications, or obtain web browser cookies and use\nthem for session hijacking attacks. (CVE-2009-2671, CVE-2009-2672)\n\nAn additional flaw was found in the proxy mechanism implementation. This\nflaw allowed an untrusted applet or application to bypass access\nrestrictions and communicate using non-authorized socket or URL connections\nto hosts other than the origin host. (CVE-2009-2673) \n\nAn integer overflow flaw was found in the way the JRE processes JPEG\nimages. An untrusted application could use this flaw to extend its\nprivileges, allowing it to read and write local files, as well as to\nexecute local applications with the privileges of the user running the\napplication. (CVE-2009-2674)\n\nAn integer overflow flaw was found in the JRE unpack200 functionality. An\nuntrusted applet or application could extend its privileges, allowing it to\nread and write local files, as well as to execute local applications with\nthe privileges of the user running the applet or application. (CVE-2009-2675)\n\nIt was discovered that JDK13Services grants unnecessary privileges to\ncertain object types. This could be misused by an untrusted applet or\napplication to use otherwise restricted functionality. (CVE-2009-2689)\n\nAn information disclosure flaw was found in the way private Java variables\nwere handled. An untrusted applet or application could use this flaw to\nobtain information from variables that would otherwise be private.\n(CVE-2009-2690)\n\nNote: The flaws concerning applets in this advisory, CVE-2009-2475,\nCVE-2009-2670, CVE-2009-2671, CVE-2009-2672, CVE-2009-2673, CVE-2009-2675,\nCVE-2009-2689, and CVE-2009-2690, can only be triggered in\njava-1.6.0-openjdk by calling the \"appletviewer\" application.\n\nThis update also fixes the following bug:\n\n* the EVR in the java-1.6.0-openjdk package as shipped with Red Hat\nEnterprise Linux allowed the java-1.6.0-openjdk package from the EPEL\nrepository to take precedence (appear newer). Users using\njava-1.6.0-openjdk from EPEL would not have received security updates since\nOctober 2008. This update prevents the packages from EPEL from taking\nprecedence. (BZ#499079)\n\nAll users of java-1.6.0-openjdk are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK Java\nmust be restarted for the update to take effect.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2009:1201", "url": "https://access.redhat.com/errata/RHSA-2009:1201" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "http://blogs.sun.com/security/entry/advance_notification_of_security_updates5", "url": "http://blogs.sun.com/security/entry/advance_notification_of_security_updates5" }, { "category": "external", "summary": "499079", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=499079" }, { "category": "external", "summary": "511915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=511915" }, { "category": "external", "summary": "512896", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512896" }, { "category": "external", "summary": "512907", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512907" }, { "category": "external", "summary": "512914", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512914" }, { "category": "external", "summary": "512915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512915" }, { "category": "external", "summary": "512920", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512920" }, { "category": "external", "summary": "512921", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512921" }, { "category": "external", "summary": "513215", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513215" }, { "category": "external", "summary": "513220", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513220" }, { "category": "external", "summary": "513222", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513222" }, { "category": "external", "summary": "513223", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513223" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_1201.json" } ], "title": "Red Hat Security Advisory: java-1.6.0-openjdk security and bug fix update", "tracking": { "current_release_date": "2024-11-05T17:07:28+00:00", "generator": { "date": "2024-11-05T17:07:28+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2009:1201", "initial_release_date": "2009-08-06T21:14:00+00:00", "revision_history": [ { "date": "2009-08-06T21:14:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2009-08-06T17:14:44+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-05T17:07:28+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop (v. 5 client)", "product": { "name": "Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:5::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux (v. 5 server)", "product": { "name": "Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:5::server" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "product": { "name": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "product_id": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-openjdk-debuginfo@1.6.0.0-1.2.b09.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "product": { "name": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "product_id": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-openjdk-javadoc@1.6.0.0-1.2.b09.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "product": { "name": "java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "product_id": "java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-openjdk-src@1.6.0.0-1.2.b09.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "product": { "name": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "product_id": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-openjdk-demo@1.6.0.0-1.2.b09.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "product": { "name": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "product_id": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-openjdk-devel@1.6.0.0-1.2.b09.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "product": { "name": "java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "product_id": "java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-openjdk@1.6.0.0-1.2.b09.el5?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "product": { "name": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "product_id": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-openjdk-debuginfo@1.6.0.0-1.2.b09.el5?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "product": { "name": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "product_id": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-openjdk-javadoc@1.6.0.0-1.2.b09.el5?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "product": { "name": "java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "product_id": "java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-openjdk-src@1.6.0.0-1.2.b09.el5?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "product": { "name": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "product_id": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-openjdk-demo@1.6.0.0-1.2.b09.el5?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "product": { "name": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "product_id": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-openjdk-devel@1.6.0.0-1.2.b09.el5?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "product": { "name": "java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "product_id": "java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-openjdk@1.6.0.0-1.2.b09.el5?arch=i386\u0026epoch=1" } } } ], "category": "architecture", "name": "i386" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "product": { "name": "java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "product_id": "java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-openjdk@1.6.0.0-1.2.b09.el5?arch=src\u0026epoch=1" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386" }, "product_reference": "java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src" }, "product_reference": "java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64" }, "product_reference": "java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386" }, "product_reference": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64" }, "product_reference": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386" }, "product_reference": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64" }, "product_reference": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386" }, "product_reference": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64" }, "product_reference": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386" }, "product_reference": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64" }, "product_reference": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386" }, "product_reference": "java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" }, "product_reference": "java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386" }, "product_reference": "java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src" }, "product_reference": "java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64" }, "product_reference": "java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386" }, "product_reference": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64" }, "product_reference": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386" }, "product_reference": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64" }, "product_reference": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386" }, "product_reference": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64" }, "product_reference": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386" }, "product_reference": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64" }, "product_reference": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386" }, "product_reference": "java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" }, "product_reference": "java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "relates_to_product_reference": "5Server" } ] }, "vulnerabilities": [ { "cve": "CVE-2009-0217", "discovery_date": "2009-07-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "511915" } ], "notes": [ { "category": "description", "text": "The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, and 8.1 SP6; (3) Mono before 2.4.2.2; (4) XML Security Library before 1.2.12; (5) IBM WebSphere Application Server Versions 6.0 through 6.0.2.33, 6.1 through 6.1.0.23, and 7.0 through 7.0.0.1; (6) Sun JDK and JRE Update 14 and earlier; (7) Microsoft .NET Framework 3.0 through 3.0 SP2, 3.5, and 4.0; and other products uses a parameter that defines an HMAC truncation length (HMACOutputLength) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits.", "title": "Vulnerability description" }, { "category": "summary", "text": "xml-security-1.3.0-1jpp.ep1.*: XMLDsig HMAC-based signatures spoofing and authentication bypass", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-0217" }, { "category": "external", "summary": "RHBZ#511915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=511915" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-0217", "url": "https://www.cve.org/CVERecord?id=CVE-2009-0217" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-0217", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0217" } ], "release_date": "2009-07-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T21:14:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1201" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "xml-security-1.3.0-1jpp.ep1.*: XMLDsig HMAC-based signatures spoofing and authentication bypass" }, { "cve": "CVE-2009-2475", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "513215" } ], "notes": [ { "category": "description", "text": "Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, might allow context-dependent attackers to obtain sensitive information via vectors involving static variables that are declared without the final keyword, related to (1) LayoutQueue, (2) Cursor.predefined, (3) AccessibleResourceBundle.getContents, (4) ImageReaderSpi.STANDARD_INPUT_TYPE, (5) ImageWriterSpi.STANDARD_OUTPUT_TYPE, (6) the imageio plugins, (7) DnsContext.debug, (8) RmfFileReader/StandardMidiFileWriter.types, (9) AbstractSaslImpl.logger, (10) Synth.Region.uiToRegionMap/lowerCaseNameMap, (11) the Introspector class and a cache of BeanInfo, and (12) JAX-WS, a different vulnerability than CVE-2009-2673.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK information leaks in mutable variables (6588003,6656586,6656610,6656625,6657133,6657619,6657625,6657695,6660049,6660539,6813167)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2475" }, { "category": "external", "summary": "RHBZ#513215", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513215" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2475", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2475" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2475", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2475" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T21:14:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1201" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK information leaks in mutable variables (6588003,6656586,6656610,6656625,6657133,6657619,6657625,6657695,6660049,6660539,6813167)" }, { "cve": "CVE-2009-2476", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "513220" } ], "notes": [ { "category": "description", "text": "The Java Management Extensions (JMX) implementation in Sun Java SE 6 before Update 15, and OpenJDK, does not properly enforce OpenType checks, which allows context-dependent attackers to bypass intended access restrictions by leveraging finalizer resurrection to obtain a reference to a privileged object.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK OpenType checks can be bypassed (6736293)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2476" }, { "category": "external", "summary": "RHBZ#513220", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513220" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2476", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2476" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2476", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2476" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T21:14:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1201" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK OpenType checks can be bypassed (6736293)" }, { "cve": "CVE-2009-2625", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512921" } ], "notes": [ { "category": "description", "text": "XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: XML parsing Denial-Of-Service (6845701)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2625" }, { "category": "external", "summary": "RHBZ#512921", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512921" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2625", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2625" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2625", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2625" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T21:14:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1201" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: XML parsing Denial-Of-Service (6845701)" }, { "cve": "CVE-2009-2670", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512896" } ], "notes": [ { "category": "description", "text": "The audio system in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to java.lang.System properties by (1) untrusted applets and (2) Java Web Start applications, which allows context-dependent attackers to obtain sensitive information by reading these properties.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK Untrusted applet System properties access (6738524)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2670" }, { "category": "external", "summary": "RHBZ#512896", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512896" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2670", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2670" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2670", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2670" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T21:14:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1201" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK Untrusted applet System properties access (6738524)" }, { "cve": "CVE-2009-2671", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512907" } ], "notes": [ { "category": "description", "text": "The SOCKS proxy implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to discover the username of the account that invoked an untrusted (1) applet or (2) Java Web Start application via unspecified vectors.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK Proxy mechanism information leaks (6801071)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2671" }, { "category": "external", "summary": "RHBZ#512907", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512907" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2671", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2671" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2671", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2671" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T21:14:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1201" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK Proxy mechanism information leaks (6801071)" }, { "cve": "CVE-2009-2672", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512907" } ], "notes": [ { "category": "description", "text": "The proxy mechanism implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to browser cookies by untrusted (1) applets and (2) Java Web Start applications, which allows remote attackers to hijack web sessions via unspecified vectors.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK Proxy mechanism information leaks (6801071)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2672" }, { "category": "external", "summary": "RHBZ#512907", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512907" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2672", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2672" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2672", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2672" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T21:14:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1201" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK Proxy mechanism information leaks (6801071)" }, { "cve": "CVE-2009-2673", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512914" } ], "notes": [ { "category": "description", "text": "The proxy mechanism implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to bypass intended access restrictions and connect to arbitrary sites via unspecified vectors, related to a declaration that lacks the final keyword.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK proxy mechanism allows non-authorized socket connections (6801497)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2673" }, { "category": "external", "summary": "RHBZ#512914", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512914" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2673", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2673" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2673", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2673" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T21:14:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1201" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK proxy mechanism allows non-authorized socket connections (6801497)" }, { "cve": "CVE-2009-2674", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512915" } ], "notes": [ { "category": "description", "text": "Integer overflow in javaws.exe in Sun Java Web Start in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 allows context-dependent attackers to execute arbitrary code via a crafted JPEG image that is not properly handled during display to a splash screen, which triggers a heap-based buffer overflow.", "title": "Vulnerability description" }, { "category": "summary", "text": "Java Web Start Buffer JPEG processing integer overflow (6823373)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2674" }, { "category": "external", "summary": "RHBZ#512915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512915" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2674", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2674" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2674", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2674" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T21:14:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1201" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "Java Web Start Buffer JPEG processing integer overflow (6823373)" }, { "cve": "CVE-2009-2675", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512920" } ], "notes": [ { "category": "description", "text": "Integer overflow in the unpack200 utility in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows context-dependent attackers to gain privileges via unspecified length fields in the header of a Pack200-compressed JAR file, which leads to a heap-based buffer overflow during decompression.", "title": "Vulnerability description" }, { "category": "summary", "text": "Java Web Start Buffer unpack200 processing integer overflow (6830335)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2675" }, { "category": "external", "summary": "RHBZ#512920", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512920" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2675", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2675" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2675", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2675" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T21:14:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1201" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "Java Web Start Buffer unpack200 processing integer overflow (6830335)" }, { "cve": "CVE-2009-2689", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "513222" } ], "notes": [ { "category": "description", "text": "JDK13Services.getProviders in Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, grants full privileges to instances of unspecified object types, which allows context-dependent attackers to bypass intended access restrictions via an untrusted (1) applet or (2) application.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK JDK13Services grants unnecessary privileges (6777448)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2689" }, { "category": "external", "summary": "RHBZ#513222", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513222" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2689", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2689" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2689", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2689" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T21:14:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1201" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK JDK13Services grants unnecessary privileges (6777448)" }, { "cve": "CVE-2009-2690", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "513223" } ], "notes": [ { "category": "description", "text": "The encoder in Sun Java SE 6 before Update 15, and OpenJDK, grants read access to private variables with unspecified names, which allows context-dependent attackers to obtain sensitive information via an untrusted (1) applet or (2) application.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK private variable information disclosure (6777487)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2690" }, { "category": "external", "summary": "RHBZ#513223", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513223" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2690", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2690" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2690", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2690" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T21:14:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1201" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK private variable information disclosure (6777487)" } ] }
rhsa-2009_1428
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated xmlsec1 packages that fix one security issue are now available for\nRed Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the Red\nHat Security Response Team.", "title": "Topic" }, { "category": "general", "text": "The XML Security Library is a C library based on libxml2 and OpenSSL. It\nimplements the XML Signature Syntax and Processing and XML Encryption\nSyntax and Processing standards. HMAC is used for message authentication\nusing cryptographic hash functions. The HMAC algorithm allows the hash\noutput to be truncated (as documented in RFC 2104).\n\nA missing check for the recommended minimum length of the truncated form of\nHMAC-based XML signatures was found in xmlsec1. An attacker could use this\nflaw to create a specially-crafted XML file that forges an XML signature,\nallowing the attacker to bypass authentication that is based on the XML\nSignature specification. (CVE-2009-0217)\n\nUsers of xmlsec1 should upgrade to these updated packages, which contain\na backported patch to correct this issue. After installing the updated\npackages, applications that use the XML Security Library must be restarted\nfor the update to take effect.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2009:1428", "url": "https://access.redhat.com/errata/RHSA-2009:1428" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "http://www.w3.org/TR/xmldsig-core/", "url": "http://www.w3.org/TR/xmldsig-core/" }, { "category": "external", "summary": "http://tools.ietf.org/html/rfc2104", "url": "http://tools.ietf.org/html/rfc2104" }, { "category": "external", "summary": "511915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=511915" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_1428.json" } ], "title": "Red Hat Security Advisory: xmlsec1 security update", "tracking": { "current_release_date": "2024-11-05T17:08:36+00:00", "generator": { "date": "2024-11-05T17:08:36+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2009:1428", "initial_release_date": "2009-09-08T15:43:00+00:00", "revision_history": [ { "date": "2009-09-08T15:43:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2009-09-08T11:47:51+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-05T17:08:36+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AS version 4", "product": { "name": "Red Hat Enterprise Linux AS version 4", "product_id": "4AS", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:4::as" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop version 4", "product": { "name": "Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:4::desktop" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux ES version 4", "product": { "name": "Red Hat Enterprise Linux ES version 4", "product_id": "4ES", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:4::es" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux WS version 4", "product": { "name": "Red Hat Enterprise Linux WS version 4", "product_id": "4WS", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:4::ws" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop (v. 5 client)", "product": { "name": "Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:5::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product": { "name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:5::client_workstation" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux (v. 5 server)", "product": { "name": "Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:5::server" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "xmlsec1-devel-0:1.2.6-3.1.ia64", "product": { "name": "xmlsec1-devel-0:1.2.6-3.1.ia64", "product_id": "xmlsec1-devel-0:1.2.6-3.1.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-devel@1.2.6-3.1?arch=ia64" } } }, { "category": "product_version", "name": "xmlsec1-openssl-devel-0:1.2.6-3.1.ia64", "product": { "name": "xmlsec1-openssl-devel-0:1.2.6-3.1.ia64", "product_id": "xmlsec1-openssl-devel-0:1.2.6-3.1.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-openssl-devel@1.2.6-3.1?arch=ia64" } } }, { "category": "product_version", "name": "xmlsec1-debuginfo-0:1.2.6-3.1.ia64", "product": { "name": "xmlsec1-debuginfo-0:1.2.6-3.1.ia64", "product_id": "xmlsec1-debuginfo-0:1.2.6-3.1.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-debuginfo@1.2.6-3.1?arch=ia64" } } }, { "category": "product_version", "name": "xmlsec1-openssl-0:1.2.6-3.1.ia64", "product": { "name": "xmlsec1-openssl-0:1.2.6-3.1.ia64", "product_id": "xmlsec1-openssl-0:1.2.6-3.1.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-openssl@1.2.6-3.1?arch=ia64" } } }, { "category": "product_version", "name": "xmlsec1-0:1.2.6-3.1.ia64", "product": { "name": "xmlsec1-0:1.2.6-3.1.ia64", "product_id": "xmlsec1-0:1.2.6-3.1.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1@1.2.6-3.1?arch=ia64" } } }, { "category": "product_version", "name": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ia64", "product": { "name": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ia64", "product_id": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-gnutls-devel@1.2.9-8.1.1?arch=ia64" } } }, { "category": "product_version", "name": "xmlsec1-nss-devel-0:1.2.9-8.1.1.ia64", "product": { "name": "xmlsec1-nss-devel-0:1.2.9-8.1.1.ia64", "product_id": "xmlsec1-nss-devel-0:1.2.9-8.1.1.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-nss-devel@1.2.9-8.1.1?arch=ia64" } } }, { "category": "product_version", "name": "xmlsec1-gnutls-0:1.2.9-8.1.1.ia64", "product": { "name": "xmlsec1-gnutls-0:1.2.9-8.1.1.ia64", "product_id": "xmlsec1-gnutls-0:1.2.9-8.1.1.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-gnutls@1.2.9-8.1.1?arch=ia64" } } }, { "category": "product_version", "name": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.ia64", "product": { "name": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.ia64", "product_id": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-openssl-devel@1.2.9-8.1.1?arch=ia64" } } }, { "category": "product_version", "name": "xmlsec1-debuginfo-0:1.2.9-8.1.1.ia64", "product": { "name": "xmlsec1-debuginfo-0:1.2.9-8.1.1.ia64", "product_id": "xmlsec1-debuginfo-0:1.2.9-8.1.1.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-debuginfo@1.2.9-8.1.1?arch=ia64" } } }, { "category": "product_version", "name": "xmlsec1-openssl-0:1.2.9-8.1.1.ia64", "product": { "name": "xmlsec1-openssl-0:1.2.9-8.1.1.ia64", "product_id": "xmlsec1-openssl-0:1.2.9-8.1.1.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-openssl@1.2.9-8.1.1?arch=ia64" } } }, { "category": "product_version", "name": "xmlsec1-nss-0:1.2.9-8.1.1.ia64", "product": { "name": "xmlsec1-nss-0:1.2.9-8.1.1.ia64", "product_id": "xmlsec1-nss-0:1.2.9-8.1.1.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-nss@1.2.9-8.1.1?arch=ia64" } } }, { "category": "product_version", "name": "xmlsec1-0:1.2.9-8.1.1.ia64", "product": { "name": "xmlsec1-0:1.2.9-8.1.1.ia64", "product_id": "xmlsec1-0:1.2.9-8.1.1.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1@1.2.9-8.1.1?arch=ia64" } } }, { "category": "product_version", "name": "xmlsec1-devel-0:1.2.9-8.1.1.ia64", "product": { "name": "xmlsec1-devel-0:1.2.9-8.1.1.ia64", "product_id": "xmlsec1-devel-0:1.2.9-8.1.1.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-devel@1.2.9-8.1.1?arch=ia64" } } } ], "category": "architecture", "name": "ia64" }, { "branches": [ { "category": "product_version", "name": "xmlsec1-debuginfo-0:1.2.6-3.1.i386", "product": { "name": "xmlsec1-debuginfo-0:1.2.6-3.1.i386", "product_id": "xmlsec1-debuginfo-0:1.2.6-3.1.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-debuginfo@1.2.6-3.1?arch=i386" } } }, { "category": "product_version", "name": "xmlsec1-openssl-0:1.2.6-3.1.i386", "product": { "name": "xmlsec1-openssl-0:1.2.6-3.1.i386", "product_id": "xmlsec1-openssl-0:1.2.6-3.1.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-openssl@1.2.6-3.1?arch=i386" } } }, { "category": "product_version", "name": "xmlsec1-0:1.2.6-3.1.i386", "product": { "name": "xmlsec1-0:1.2.6-3.1.i386", "product_id": "xmlsec1-0:1.2.6-3.1.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1@1.2.6-3.1?arch=i386" } } }, { "category": "product_version", "name": "xmlsec1-devel-0:1.2.6-3.1.i386", "product": { "name": "xmlsec1-devel-0:1.2.6-3.1.i386", "product_id": "xmlsec1-devel-0:1.2.6-3.1.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-devel@1.2.6-3.1?arch=i386" } } }, { "category": "product_version", "name": "xmlsec1-openssl-devel-0:1.2.6-3.1.i386", "product": { "name": "xmlsec1-openssl-devel-0:1.2.6-3.1.i386", "product_id": "xmlsec1-openssl-devel-0:1.2.6-3.1.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-openssl-devel@1.2.6-3.1?arch=i386" } } }, { "category": "product_version", "name": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.i386", "product": { "name": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.i386", "product_id": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-gnutls-devel@1.2.9-8.1.1?arch=i386" } } }, { "category": "product_version", "name": "xmlsec1-nss-devel-0:1.2.9-8.1.1.i386", "product": { "name": "xmlsec1-nss-devel-0:1.2.9-8.1.1.i386", "product_id": "xmlsec1-nss-devel-0:1.2.9-8.1.1.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-nss-devel@1.2.9-8.1.1?arch=i386" } } }, { "category": "product_version", "name": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.i386", "product": { "name": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.i386", "product_id": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-openssl-devel@1.2.9-8.1.1?arch=i386" } } }, { "category": "product_version", "name": "xmlsec1-debuginfo-0:1.2.9-8.1.1.i386", "product": { "name": "xmlsec1-debuginfo-0:1.2.9-8.1.1.i386", "product_id": "xmlsec1-debuginfo-0:1.2.9-8.1.1.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-debuginfo@1.2.9-8.1.1?arch=i386" } } }, { "category": "product_version", "name": "xmlsec1-devel-0:1.2.9-8.1.1.i386", "product": { "name": "xmlsec1-devel-0:1.2.9-8.1.1.i386", "product_id": "xmlsec1-devel-0:1.2.9-8.1.1.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-devel@1.2.9-8.1.1?arch=i386" } } }, { "category": "product_version", "name": "xmlsec1-gnutls-0:1.2.9-8.1.1.i386", "product": { "name": "xmlsec1-gnutls-0:1.2.9-8.1.1.i386", "product_id": "xmlsec1-gnutls-0:1.2.9-8.1.1.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-gnutls@1.2.9-8.1.1?arch=i386" } } }, { "category": "product_version", "name": "xmlsec1-openssl-0:1.2.9-8.1.1.i386", "product": { "name": "xmlsec1-openssl-0:1.2.9-8.1.1.i386", "product_id": "xmlsec1-openssl-0:1.2.9-8.1.1.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-openssl@1.2.9-8.1.1?arch=i386" } } }, { "category": "product_version", "name": "xmlsec1-nss-0:1.2.9-8.1.1.i386", "product": { "name": "xmlsec1-nss-0:1.2.9-8.1.1.i386", "product_id": "xmlsec1-nss-0:1.2.9-8.1.1.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-nss@1.2.9-8.1.1?arch=i386" } } }, { "category": "product_version", "name": "xmlsec1-0:1.2.9-8.1.1.i386", "product": { "name": "xmlsec1-0:1.2.9-8.1.1.i386", "product_id": "xmlsec1-0:1.2.9-8.1.1.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1@1.2.9-8.1.1?arch=i386" } } } ], "category": "architecture", "name": "i386" }, { "branches": [ { "category": "product_version", "name": "xmlsec1-devel-0:1.2.6-3.1.x86_64", "product": { "name": "xmlsec1-devel-0:1.2.6-3.1.x86_64", "product_id": "xmlsec1-devel-0:1.2.6-3.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-devel@1.2.6-3.1?arch=x86_64" } } }, { "category": "product_version", "name": "xmlsec1-openssl-devel-0:1.2.6-3.1.x86_64", "product": { "name": "xmlsec1-openssl-devel-0:1.2.6-3.1.x86_64", "product_id": "xmlsec1-openssl-devel-0:1.2.6-3.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-openssl-devel@1.2.6-3.1?arch=x86_64" } } }, { "category": "product_version", "name": "xmlsec1-debuginfo-0:1.2.6-3.1.x86_64", "product": { "name": "xmlsec1-debuginfo-0:1.2.6-3.1.x86_64", "product_id": "xmlsec1-debuginfo-0:1.2.6-3.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-debuginfo@1.2.6-3.1?arch=x86_64" } } }, { "category": "product_version", "name": "xmlsec1-openssl-0:1.2.6-3.1.x86_64", "product": { "name": "xmlsec1-openssl-0:1.2.6-3.1.x86_64", "product_id": "xmlsec1-openssl-0:1.2.6-3.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-openssl@1.2.6-3.1?arch=x86_64" } } }, { "category": "product_version", "name": "xmlsec1-0:1.2.6-3.1.x86_64", "product": { "name": "xmlsec1-0:1.2.6-3.1.x86_64", "product_id": "xmlsec1-0:1.2.6-3.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1@1.2.6-3.1?arch=x86_64" } } }, { "category": "product_version", "name": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.x86_64", "product": { "name": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.x86_64", "product_id": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-gnutls-devel@1.2.9-8.1.1?arch=x86_64" } } }, { "category": "product_version", "name": "xmlsec1-nss-devel-0:1.2.9-8.1.1.x86_64", "product": { "name": "xmlsec1-nss-devel-0:1.2.9-8.1.1.x86_64", "product_id": "xmlsec1-nss-devel-0:1.2.9-8.1.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-nss-devel@1.2.9-8.1.1?arch=x86_64" } } }, { "category": "product_version", "name": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.x86_64", "product": { "name": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.x86_64", "product_id": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-openssl-devel@1.2.9-8.1.1?arch=x86_64" } } }, { "category": "product_version", "name": "xmlsec1-debuginfo-0:1.2.9-8.1.1.x86_64", "product": { "name": "xmlsec1-debuginfo-0:1.2.9-8.1.1.x86_64", "product_id": "xmlsec1-debuginfo-0:1.2.9-8.1.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-debuginfo@1.2.9-8.1.1?arch=x86_64" } } }, { "category": "product_version", "name": "xmlsec1-devel-0:1.2.9-8.1.1.x86_64", "product": { "name": "xmlsec1-devel-0:1.2.9-8.1.1.x86_64", "product_id": "xmlsec1-devel-0:1.2.9-8.1.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-devel@1.2.9-8.1.1?arch=x86_64" } } }, { "category": "product_version", "name": "xmlsec1-gnutls-0:1.2.9-8.1.1.x86_64", "product": { "name": "xmlsec1-gnutls-0:1.2.9-8.1.1.x86_64", "product_id": "xmlsec1-gnutls-0:1.2.9-8.1.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-gnutls@1.2.9-8.1.1?arch=x86_64" } } }, { "category": "product_version", "name": "xmlsec1-openssl-0:1.2.9-8.1.1.x86_64", "product": { "name": "xmlsec1-openssl-0:1.2.9-8.1.1.x86_64", "product_id": "xmlsec1-openssl-0:1.2.9-8.1.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-openssl@1.2.9-8.1.1?arch=x86_64" } } }, { "category": "product_version", "name": "xmlsec1-nss-0:1.2.9-8.1.1.x86_64", "product": { "name": "xmlsec1-nss-0:1.2.9-8.1.1.x86_64", "product_id": "xmlsec1-nss-0:1.2.9-8.1.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-nss@1.2.9-8.1.1?arch=x86_64" } } }, { "category": "product_version", "name": "xmlsec1-0:1.2.9-8.1.1.x86_64", "product": { "name": "xmlsec1-0:1.2.9-8.1.1.x86_64", "product_id": "xmlsec1-0:1.2.9-8.1.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1@1.2.9-8.1.1?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "xmlsec1-0:1.2.6-3.1.src", "product": { "name": "xmlsec1-0:1.2.6-3.1.src", "product_id": "xmlsec1-0:1.2.6-3.1.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1@1.2.6-3.1?arch=src" } } }, { "category": "product_version", "name": "xmlsec1-0:1.2.9-8.1.1.src", "product": { "name": "xmlsec1-0:1.2.9-8.1.1.src", "product_id": "xmlsec1-0:1.2.9-8.1.1.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1@1.2.9-8.1.1?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "xmlsec1-devel-0:1.2.6-3.1.ppc", "product": { "name": "xmlsec1-devel-0:1.2.6-3.1.ppc", "product_id": "xmlsec1-devel-0:1.2.6-3.1.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-devel@1.2.6-3.1?arch=ppc" } } }, { "category": "product_version", "name": "xmlsec1-openssl-devel-0:1.2.6-3.1.ppc", "product": { "name": "xmlsec1-openssl-devel-0:1.2.6-3.1.ppc", "product_id": "xmlsec1-openssl-devel-0:1.2.6-3.1.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-openssl-devel@1.2.6-3.1?arch=ppc" } } }, { "category": "product_version", "name": "xmlsec1-debuginfo-0:1.2.6-3.1.ppc", "product": { "name": "xmlsec1-debuginfo-0:1.2.6-3.1.ppc", "product_id": "xmlsec1-debuginfo-0:1.2.6-3.1.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-debuginfo@1.2.6-3.1?arch=ppc" } } }, { "category": "product_version", "name": "xmlsec1-openssl-0:1.2.6-3.1.ppc", "product": { "name": "xmlsec1-openssl-0:1.2.6-3.1.ppc", "product_id": "xmlsec1-openssl-0:1.2.6-3.1.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-openssl@1.2.6-3.1?arch=ppc" } } }, { "category": "product_version", "name": "xmlsec1-0:1.2.6-3.1.ppc", "product": { "name": "xmlsec1-0:1.2.6-3.1.ppc", "product_id": "xmlsec1-0:1.2.6-3.1.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1@1.2.6-3.1?arch=ppc" } } }, { "category": "product_version", "name": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ppc", "product": { "name": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ppc", "product_id": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-gnutls-devel@1.2.9-8.1.1?arch=ppc" } } }, { "category": "product_version", "name": "xmlsec1-nss-devel-0:1.2.9-8.1.1.ppc", "product": { "name": "xmlsec1-nss-devel-0:1.2.9-8.1.1.ppc", "product_id": "xmlsec1-nss-devel-0:1.2.9-8.1.1.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-nss-devel@1.2.9-8.1.1?arch=ppc" } } }, { "category": "product_version", "name": "xmlsec1-gnutls-0:1.2.9-8.1.1.ppc", "product": { "name": "xmlsec1-gnutls-0:1.2.9-8.1.1.ppc", "product_id": "xmlsec1-gnutls-0:1.2.9-8.1.1.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-gnutls@1.2.9-8.1.1?arch=ppc" } } }, { "category": "product_version", "name": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.ppc", "product": { "name": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.ppc", "product_id": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-openssl-devel@1.2.9-8.1.1?arch=ppc" } } }, { "category": "product_version", "name": "xmlsec1-debuginfo-0:1.2.9-8.1.1.ppc", "product": { "name": "xmlsec1-debuginfo-0:1.2.9-8.1.1.ppc", "product_id": "xmlsec1-debuginfo-0:1.2.9-8.1.1.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-debuginfo@1.2.9-8.1.1?arch=ppc" } } }, { "category": "product_version", "name": "xmlsec1-openssl-0:1.2.9-8.1.1.ppc", "product": { "name": "xmlsec1-openssl-0:1.2.9-8.1.1.ppc", "product_id": "xmlsec1-openssl-0:1.2.9-8.1.1.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-openssl@1.2.9-8.1.1?arch=ppc" } } }, { "category": "product_version", "name": "xmlsec1-nss-0:1.2.9-8.1.1.ppc", "product": { "name": "xmlsec1-nss-0:1.2.9-8.1.1.ppc", "product_id": "xmlsec1-nss-0:1.2.9-8.1.1.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-nss@1.2.9-8.1.1?arch=ppc" } } }, { "category": "product_version", "name": "xmlsec1-0:1.2.9-8.1.1.ppc", "product": { "name": "xmlsec1-0:1.2.9-8.1.1.ppc", "product_id": "xmlsec1-0:1.2.9-8.1.1.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1@1.2.9-8.1.1?arch=ppc" } } }, { "category": "product_version", "name": "xmlsec1-devel-0:1.2.9-8.1.1.ppc", "product": { "name": "xmlsec1-devel-0:1.2.9-8.1.1.ppc", "product_id": "xmlsec1-devel-0:1.2.9-8.1.1.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-devel@1.2.9-8.1.1?arch=ppc" } } } ], "category": "architecture", "name": "ppc" }, { "branches": [ { "category": "product_version", "name": "xmlsec1-debuginfo-0:1.2.6-3.1.ppc64", "product": { "name": "xmlsec1-debuginfo-0:1.2.6-3.1.ppc64", "product_id": "xmlsec1-debuginfo-0:1.2.6-3.1.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-debuginfo@1.2.6-3.1?arch=ppc64" } } }, { "category": "product_version", "name": "xmlsec1-openssl-0:1.2.6-3.1.ppc64", "product": { "name": "xmlsec1-openssl-0:1.2.6-3.1.ppc64", "product_id": "xmlsec1-openssl-0:1.2.6-3.1.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-openssl@1.2.6-3.1?arch=ppc64" } } }, { "category": "product_version", "name": "xmlsec1-0:1.2.6-3.1.ppc64", "product": { "name": "xmlsec1-0:1.2.6-3.1.ppc64", "product_id": "xmlsec1-0:1.2.6-3.1.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1@1.2.6-3.1?arch=ppc64" } } }, { "category": "product_version", "name": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ppc64", "product": { "name": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ppc64", "product_id": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-gnutls-devel@1.2.9-8.1.1?arch=ppc64" } } }, { "category": "product_version", "name": "xmlsec1-nss-devel-0:1.2.9-8.1.1.ppc64", "product": { "name": "xmlsec1-nss-devel-0:1.2.9-8.1.1.ppc64", "product_id": "xmlsec1-nss-devel-0:1.2.9-8.1.1.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-nss-devel@1.2.9-8.1.1?arch=ppc64" } } }, { "category": "product_version", "name": "xmlsec1-gnutls-0:1.2.9-8.1.1.ppc64", "product": { "name": "xmlsec1-gnutls-0:1.2.9-8.1.1.ppc64", "product_id": "xmlsec1-gnutls-0:1.2.9-8.1.1.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-gnutls@1.2.9-8.1.1?arch=ppc64" } } }, { "category": "product_version", "name": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.ppc64", "product": { "name": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.ppc64", "product_id": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-openssl-devel@1.2.9-8.1.1?arch=ppc64" } } }, { "category": "product_version", "name": "xmlsec1-debuginfo-0:1.2.9-8.1.1.ppc64", "product": { "name": "xmlsec1-debuginfo-0:1.2.9-8.1.1.ppc64", "product_id": "xmlsec1-debuginfo-0:1.2.9-8.1.1.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-debuginfo@1.2.9-8.1.1?arch=ppc64" } } }, { "category": "product_version", "name": "xmlsec1-openssl-0:1.2.9-8.1.1.ppc64", "product": { "name": "xmlsec1-openssl-0:1.2.9-8.1.1.ppc64", "product_id": "xmlsec1-openssl-0:1.2.9-8.1.1.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-openssl@1.2.9-8.1.1?arch=ppc64" } } }, { "category": "product_version", "name": "xmlsec1-nss-0:1.2.9-8.1.1.ppc64", "product": { "name": "xmlsec1-nss-0:1.2.9-8.1.1.ppc64", "product_id": "xmlsec1-nss-0:1.2.9-8.1.1.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-nss@1.2.9-8.1.1?arch=ppc64" } } }, { "category": "product_version", "name": "xmlsec1-0:1.2.9-8.1.1.ppc64", "product": { "name": "xmlsec1-0:1.2.9-8.1.1.ppc64", "product_id": "xmlsec1-0:1.2.9-8.1.1.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1@1.2.9-8.1.1?arch=ppc64" } } }, { "category": "product_version", "name": "xmlsec1-devel-0:1.2.9-8.1.1.ppc64", "product": { "name": "xmlsec1-devel-0:1.2.9-8.1.1.ppc64", "product_id": "xmlsec1-devel-0:1.2.9-8.1.1.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-devel@1.2.9-8.1.1?arch=ppc64" } } } ], "category": "architecture", "name": "ppc64" }, { "branches": [ { "category": "product_version", "name": "xmlsec1-devel-0:1.2.6-3.1.s390x", "product": { "name": "xmlsec1-devel-0:1.2.6-3.1.s390x", "product_id": "xmlsec1-devel-0:1.2.6-3.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-devel@1.2.6-3.1?arch=s390x" } } }, { "category": "product_version", "name": "xmlsec1-openssl-devel-0:1.2.6-3.1.s390x", "product": { "name": "xmlsec1-openssl-devel-0:1.2.6-3.1.s390x", "product_id": "xmlsec1-openssl-devel-0:1.2.6-3.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-openssl-devel@1.2.6-3.1?arch=s390x" } } }, { "category": "product_version", "name": "xmlsec1-debuginfo-0:1.2.6-3.1.s390x", "product": { "name": "xmlsec1-debuginfo-0:1.2.6-3.1.s390x", "product_id": "xmlsec1-debuginfo-0:1.2.6-3.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-debuginfo@1.2.6-3.1?arch=s390x" } } }, { "category": "product_version", "name": "xmlsec1-openssl-0:1.2.6-3.1.s390x", "product": { "name": "xmlsec1-openssl-0:1.2.6-3.1.s390x", "product_id": "xmlsec1-openssl-0:1.2.6-3.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-openssl@1.2.6-3.1?arch=s390x" } } }, { "category": "product_version", "name": "xmlsec1-0:1.2.6-3.1.s390x", "product": { "name": "xmlsec1-0:1.2.6-3.1.s390x", "product_id": "xmlsec1-0:1.2.6-3.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1@1.2.6-3.1?arch=s390x" } } }, { "category": "product_version", "name": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.s390x", "product": { "name": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.s390x", "product_id": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-gnutls-devel@1.2.9-8.1.1?arch=s390x" } } }, { "category": "product_version", "name": "xmlsec1-nss-devel-0:1.2.9-8.1.1.s390x", "product": { "name": "xmlsec1-nss-devel-0:1.2.9-8.1.1.s390x", "product_id": "xmlsec1-nss-devel-0:1.2.9-8.1.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-nss-devel@1.2.9-8.1.1?arch=s390x" } } }, { "category": "product_version", "name": "xmlsec1-gnutls-0:1.2.9-8.1.1.s390x", "product": { "name": "xmlsec1-gnutls-0:1.2.9-8.1.1.s390x", "product_id": "xmlsec1-gnutls-0:1.2.9-8.1.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-gnutls@1.2.9-8.1.1?arch=s390x" } } }, { "category": "product_version", "name": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.s390x", "product": { "name": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.s390x", "product_id": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-openssl-devel@1.2.9-8.1.1?arch=s390x" } } }, { "category": "product_version", "name": "xmlsec1-debuginfo-0:1.2.9-8.1.1.s390x", "product": { "name": "xmlsec1-debuginfo-0:1.2.9-8.1.1.s390x", "product_id": "xmlsec1-debuginfo-0:1.2.9-8.1.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-debuginfo@1.2.9-8.1.1?arch=s390x" } } }, { "category": "product_version", "name": "xmlsec1-openssl-0:1.2.9-8.1.1.s390x", "product": { "name": "xmlsec1-openssl-0:1.2.9-8.1.1.s390x", "product_id": "xmlsec1-openssl-0:1.2.9-8.1.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-openssl@1.2.9-8.1.1?arch=s390x" } } }, { "category": "product_version", "name": "xmlsec1-nss-0:1.2.9-8.1.1.s390x", "product": { "name": "xmlsec1-nss-0:1.2.9-8.1.1.s390x", "product_id": "xmlsec1-nss-0:1.2.9-8.1.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-nss@1.2.9-8.1.1?arch=s390x" } } }, { "category": "product_version", "name": "xmlsec1-0:1.2.9-8.1.1.s390x", "product": { "name": "xmlsec1-0:1.2.9-8.1.1.s390x", "product_id": "xmlsec1-0:1.2.9-8.1.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1@1.2.9-8.1.1?arch=s390x" } } }, { "category": "product_version", "name": "xmlsec1-devel-0:1.2.9-8.1.1.s390x", "product": { "name": "xmlsec1-devel-0:1.2.9-8.1.1.s390x", "product_id": "xmlsec1-devel-0:1.2.9-8.1.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-devel@1.2.9-8.1.1?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "xmlsec1-debuginfo-0:1.2.6-3.1.s390", "product": { "name": "xmlsec1-debuginfo-0:1.2.6-3.1.s390", "product_id": "xmlsec1-debuginfo-0:1.2.6-3.1.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-debuginfo@1.2.6-3.1?arch=s390" } } }, { "category": "product_version", "name": "xmlsec1-openssl-0:1.2.6-3.1.s390", "product": { "name": "xmlsec1-openssl-0:1.2.6-3.1.s390", "product_id": "xmlsec1-openssl-0:1.2.6-3.1.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-openssl@1.2.6-3.1?arch=s390" } } }, { "category": "product_version", "name": "xmlsec1-0:1.2.6-3.1.s390", "product": { "name": "xmlsec1-0:1.2.6-3.1.s390", "product_id": "xmlsec1-0:1.2.6-3.1.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1@1.2.6-3.1?arch=s390" } } }, { "category": "product_version", "name": "xmlsec1-devel-0:1.2.6-3.1.s390", "product": { "name": "xmlsec1-devel-0:1.2.6-3.1.s390", "product_id": "xmlsec1-devel-0:1.2.6-3.1.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-devel@1.2.6-3.1?arch=s390" } } }, { "category": "product_version", "name": "xmlsec1-openssl-devel-0:1.2.6-3.1.s390", "product": { "name": "xmlsec1-openssl-devel-0:1.2.6-3.1.s390", "product_id": "xmlsec1-openssl-devel-0:1.2.6-3.1.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-openssl-devel@1.2.6-3.1?arch=s390" } } }, { "category": "product_version", "name": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.s390", "product": { "name": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.s390", "product_id": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-gnutls-devel@1.2.9-8.1.1?arch=s390" } } }, { "category": "product_version", "name": "xmlsec1-nss-devel-0:1.2.9-8.1.1.s390", "product": { "name": "xmlsec1-nss-devel-0:1.2.9-8.1.1.s390", "product_id": "xmlsec1-nss-devel-0:1.2.9-8.1.1.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-nss-devel@1.2.9-8.1.1?arch=s390" } } }, { "category": "product_version", "name": "xmlsec1-gnutls-0:1.2.9-8.1.1.s390", "product": { "name": "xmlsec1-gnutls-0:1.2.9-8.1.1.s390", "product_id": "xmlsec1-gnutls-0:1.2.9-8.1.1.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-gnutls@1.2.9-8.1.1?arch=s390" } } }, { "category": "product_version", "name": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.s390", "product": { "name": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.s390", "product_id": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-openssl-devel@1.2.9-8.1.1?arch=s390" } } }, { "category": "product_version", "name": "xmlsec1-debuginfo-0:1.2.9-8.1.1.s390", "product": { "name": "xmlsec1-debuginfo-0:1.2.9-8.1.1.s390", "product_id": "xmlsec1-debuginfo-0:1.2.9-8.1.1.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-debuginfo@1.2.9-8.1.1?arch=s390" } } }, { "category": "product_version", "name": "xmlsec1-openssl-0:1.2.9-8.1.1.s390", "product": { "name": "xmlsec1-openssl-0:1.2.9-8.1.1.s390", "product_id": "xmlsec1-openssl-0:1.2.9-8.1.1.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-openssl@1.2.9-8.1.1?arch=s390" } } }, { "category": "product_version", "name": "xmlsec1-nss-0:1.2.9-8.1.1.s390", "product": { "name": "xmlsec1-nss-0:1.2.9-8.1.1.s390", "product_id": "xmlsec1-nss-0:1.2.9-8.1.1.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-nss@1.2.9-8.1.1?arch=s390" } } }, { "category": "product_version", "name": "xmlsec1-0:1.2.9-8.1.1.s390", "product": { "name": "xmlsec1-0:1.2.9-8.1.1.s390", "product_id": "xmlsec1-0:1.2.9-8.1.1.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1@1.2.9-8.1.1?arch=s390" } } }, { "category": "product_version", "name": "xmlsec1-devel-0:1.2.9-8.1.1.s390", "product": { "name": "xmlsec1-devel-0:1.2.9-8.1.1.s390", "product_id": "xmlsec1-devel-0:1.2.9-8.1.1.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/xmlsec1-devel@1.2.9-8.1.1?arch=s390" } } } ], "category": "architecture", "name": "s390" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.6-3.1.i386 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:xmlsec1-0:1.2.6-3.1.i386" }, "product_reference": "xmlsec1-0:1.2.6-3.1.i386", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.6-3.1.ia64 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:xmlsec1-0:1.2.6-3.1.ia64" }, "product_reference": "xmlsec1-0:1.2.6-3.1.ia64", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.6-3.1.ppc as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:xmlsec1-0:1.2.6-3.1.ppc" }, "product_reference": "xmlsec1-0:1.2.6-3.1.ppc", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.6-3.1.ppc64 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:xmlsec1-0:1.2.6-3.1.ppc64" }, "product_reference": "xmlsec1-0:1.2.6-3.1.ppc64", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.6-3.1.s390 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:xmlsec1-0:1.2.6-3.1.s390" }, "product_reference": "xmlsec1-0:1.2.6-3.1.s390", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.6-3.1.s390x as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:xmlsec1-0:1.2.6-3.1.s390x" }, "product_reference": "xmlsec1-0:1.2.6-3.1.s390x", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.6-3.1.src as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:xmlsec1-0:1.2.6-3.1.src" }, "product_reference": "xmlsec1-0:1.2.6-3.1.src", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.6-3.1.x86_64 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:xmlsec1-0:1.2.6-3.1.x86_64" }, "product_reference": "xmlsec1-0:1.2.6-3.1.x86_64", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.6-3.1.i386 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:xmlsec1-debuginfo-0:1.2.6-3.1.i386" }, "product_reference": "xmlsec1-debuginfo-0:1.2.6-3.1.i386", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.6-3.1.ia64 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:xmlsec1-debuginfo-0:1.2.6-3.1.ia64" }, "product_reference": "xmlsec1-debuginfo-0:1.2.6-3.1.ia64", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.6-3.1.ppc as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:xmlsec1-debuginfo-0:1.2.6-3.1.ppc" }, "product_reference": "xmlsec1-debuginfo-0:1.2.6-3.1.ppc", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.6-3.1.ppc64 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:xmlsec1-debuginfo-0:1.2.6-3.1.ppc64" }, "product_reference": "xmlsec1-debuginfo-0:1.2.6-3.1.ppc64", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.6-3.1.s390 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:xmlsec1-debuginfo-0:1.2.6-3.1.s390" }, "product_reference": "xmlsec1-debuginfo-0:1.2.6-3.1.s390", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.6-3.1.s390x as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:xmlsec1-debuginfo-0:1.2.6-3.1.s390x" }, "product_reference": "xmlsec1-debuginfo-0:1.2.6-3.1.s390x", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.6-3.1.x86_64 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:xmlsec1-debuginfo-0:1.2.6-3.1.x86_64" }, "product_reference": "xmlsec1-debuginfo-0:1.2.6-3.1.x86_64", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-devel-0:1.2.6-3.1.i386 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:xmlsec1-devel-0:1.2.6-3.1.i386" }, "product_reference": "xmlsec1-devel-0:1.2.6-3.1.i386", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-devel-0:1.2.6-3.1.ia64 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:xmlsec1-devel-0:1.2.6-3.1.ia64" }, "product_reference": "xmlsec1-devel-0:1.2.6-3.1.ia64", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-devel-0:1.2.6-3.1.ppc as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:xmlsec1-devel-0:1.2.6-3.1.ppc" }, "product_reference": "xmlsec1-devel-0:1.2.6-3.1.ppc", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-devel-0:1.2.6-3.1.s390 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:xmlsec1-devel-0:1.2.6-3.1.s390" }, "product_reference": "xmlsec1-devel-0:1.2.6-3.1.s390", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-devel-0:1.2.6-3.1.s390x as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:xmlsec1-devel-0:1.2.6-3.1.s390x" }, "product_reference": "xmlsec1-devel-0:1.2.6-3.1.s390x", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-devel-0:1.2.6-3.1.x86_64 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:xmlsec1-devel-0:1.2.6-3.1.x86_64" }, "product_reference": "xmlsec1-devel-0:1.2.6-3.1.x86_64", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.6-3.1.i386 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:xmlsec1-openssl-0:1.2.6-3.1.i386" }, "product_reference": "xmlsec1-openssl-0:1.2.6-3.1.i386", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.6-3.1.ia64 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:xmlsec1-openssl-0:1.2.6-3.1.ia64" }, "product_reference": "xmlsec1-openssl-0:1.2.6-3.1.ia64", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.6-3.1.ppc as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:xmlsec1-openssl-0:1.2.6-3.1.ppc" }, "product_reference": "xmlsec1-openssl-0:1.2.6-3.1.ppc", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.6-3.1.ppc64 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:xmlsec1-openssl-0:1.2.6-3.1.ppc64" }, "product_reference": "xmlsec1-openssl-0:1.2.6-3.1.ppc64", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.6-3.1.s390 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:xmlsec1-openssl-0:1.2.6-3.1.s390" }, "product_reference": "xmlsec1-openssl-0:1.2.6-3.1.s390", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.6-3.1.s390x as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:xmlsec1-openssl-0:1.2.6-3.1.s390x" }, "product_reference": "xmlsec1-openssl-0:1.2.6-3.1.s390x", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.6-3.1.x86_64 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:xmlsec1-openssl-0:1.2.6-3.1.x86_64" }, "product_reference": "xmlsec1-openssl-0:1.2.6-3.1.x86_64", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-devel-0:1.2.6-3.1.i386 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:xmlsec1-openssl-devel-0:1.2.6-3.1.i386" }, "product_reference": "xmlsec1-openssl-devel-0:1.2.6-3.1.i386", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-devel-0:1.2.6-3.1.ia64 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:xmlsec1-openssl-devel-0:1.2.6-3.1.ia64" }, "product_reference": "xmlsec1-openssl-devel-0:1.2.6-3.1.ia64", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-devel-0:1.2.6-3.1.ppc as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:xmlsec1-openssl-devel-0:1.2.6-3.1.ppc" }, "product_reference": "xmlsec1-openssl-devel-0:1.2.6-3.1.ppc", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-devel-0:1.2.6-3.1.s390 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:xmlsec1-openssl-devel-0:1.2.6-3.1.s390" }, "product_reference": "xmlsec1-openssl-devel-0:1.2.6-3.1.s390", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-devel-0:1.2.6-3.1.s390x as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:xmlsec1-openssl-devel-0:1.2.6-3.1.s390x" }, "product_reference": "xmlsec1-openssl-devel-0:1.2.6-3.1.s390x", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-devel-0:1.2.6-3.1.x86_64 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:xmlsec1-openssl-devel-0:1.2.6-3.1.x86_64" }, "product_reference": "xmlsec1-openssl-devel-0:1.2.6-3.1.x86_64", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.6-3.1.i386 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:xmlsec1-0:1.2.6-3.1.i386" }, "product_reference": "xmlsec1-0:1.2.6-3.1.i386", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.6-3.1.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:xmlsec1-0:1.2.6-3.1.ia64" }, "product_reference": "xmlsec1-0:1.2.6-3.1.ia64", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.6-3.1.ppc as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:xmlsec1-0:1.2.6-3.1.ppc" }, "product_reference": "xmlsec1-0:1.2.6-3.1.ppc", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.6-3.1.ppc64 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:xmlsec1-0:1.2.6-3.1.ppc64" }, "product_reference": "xmlsec1-0:1.2.6-3.1.ppc64", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.6-3.1.s390 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:xmlsec1-0:1.2.6-3.1.s390" }, "product_reference": "xmlsec1-0:1.2.6-3.1.s390", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.6-3.1.s390x as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:xmlsec1-0:1.2.6-3.1.s390x" }, "product_reference": "xmlsec1-0:1.2.6-3.1.s390x", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.6-3.1.src as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:xmlsec1-0:1.2.6-3.1.src" }, "product_reference": "xmlsec1-0:1.2.6-3.1.src", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.6-3.1.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:xmlsec1-0:1.2.6-3.1.x86_64" }, "product_reference": "xmlsec1-0:1.2.6-3.1.x86_64", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.6-3.1.i386 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:xmlsec1-debuginfo-0:1.2.6-3.1.i386" }, "product_reference": "xmlsec1-debuginfo-0:1.2.6-3.1.i386", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.6-3.1.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:xmlsec1-debuginfo-0:1.2.6-3.1.ia64" }, "product_reference": "xmlsec1-debuginfo-0:1.2.6-3.1.ia64", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.6-3.1.ppc as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:xmlsec1-debuginfo-0:1.2.6-3.1.ppc" }, "product_reference": "xmlsec1-debuginfo-0:1.2.6-3.1.ppc", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.6-3.1.ppc64 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:xmlsec1-debuginfo-0:1.2.6-3.1.ppc64" }, "product_reference": "xmlsec1-debuginfo-0:1.2.6-3.1.ppc64", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.6-3.1.s390 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:xmlsec1-debuginfo-0:1.2.6-3.1.s390" }, "product_reference": "xmlsec1-debuginfo-0:1.2.6-3.1.s390", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.6-3.1.s390x as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:xmlsec1-debuginfo-0:1.2.6-3.1.s390x" }, "product_reference": "xmlsec1-debuginfo-0:1.2.6-3.1.s390x", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.6-3.1.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:xmlsec1-debuginfo-0:1.2.6-3.1.x86_64" }, "product_reference": "xmlsec1-debuginfo-0:1.2.6-3.1.x86_64", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-devel-0:1.2.6-3.1.i386 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:xmlsec1-devel-0:1.2.6-3.1.i386" }, "product_reference": "xmlsec1-devel-0:1.2.6-3.1.i386", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-devel-0:1.2.6-3.1.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:xmlsec1-devel-0:1.2.6-3.1.ia64" }, "product_reference": "xmlsec1-devel-0:1.2.6-3.1.ia64", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-devel-0:1.2.6-3.1.ppc as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:xmlsec1-devel-0:1.2.6-3.1.ppc" }, "product_reference": "xmlsec1-devel-0:1.2.6-3.1.ppc", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-devel-0:1.2.6-3.1.s390 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:xmlsec1-devel-0:1.2.6-3.1.s390" }, "product_reference": "xmlsec1-devel-0:1.2.6-3.1.s390", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-devel-0:1.2.6-3.1.s390x as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:xmlsec1-devel-0:1.2.6-3.1.s390x" }, "product_reference": "xmlsec1-devel-0:1.2.6-3.1.s390x", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-devel-0:1.2.6-3.1.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:xmlsec1-devel-0:1.2.6-3.1.x86_64" }, "product_reference": "xmlsec1-devel-0:1.2.6-3.1.x86_64", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.6-3.1.i386 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:xmlsec1-openssl-0:1.2.6-3.1.i386" }, "product_reference": "xmlsec1-openssl-0:1.2.6-3.1.i386", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.6-3.1.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:xmlsec1-openssl-0:1.2.6-3.1.ia64" }, "product_reference": "xmlsec1-openssl-0:1.2.6-3.1.ia64", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.6-3.1.ppc as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:xmlsec1-openssl-0:1.2.6-3.1.ppc" }, "product_reference": "xmlsec1-openssl-0:1.2.6-3.1.ppc", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.6-3.1.ppc64 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:xmlsec1-openssl-0:1.2.6-3.1.ppc64" }, "product_reference": "xmlsec1-openssl-0:1.2.6-3.1.ppc64", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.6-3.1.s390 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:xmlsec1-openssl-0:1.2.6-3.1.s390" }, "product_reference": "xmlsec1-openssl-0:1.2.6-3.1.s390", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.6-3.1.s390x as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:xmlsec1-openssl-0:1.2.6-3.1.s390x" }, "product_reference": "xmlsec1-openssl-0:1.2.6-3.1.s390x", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.6-3.1.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:xmlsec1-openssl-0:1.2.6-3.1.x86_64" }, "product_reference": "xmlsec1-openssl-0:1.2.6-3.1.x86_64", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-devel-0:1.2.6-3.1.i386 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:xmlsec1-openssl-devel-0:1.2.6-3.1.i386" }, "product_reference": "xmlsec1-openssl-devel-0:1.2.6-3.1.i386", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-devel-0:1.2.6-3.1.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:xmlsec1-openssl-devel-0:1.2.6-3.1.ia64" }, "product_reference": "xmlsec1-openssl-devel-0:1.2.6-3.1.ia64", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-devel-0:1.2.6-3.1.ppc as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:xmlsec1-openssl-devel-0:1.2.6-3.1.ppc" }, "product_reference": "xmlsec1-openssl-devel-0:1.2.6-3.1.ppc", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-devel-0:1.2.6-3.1.s390 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:xmlsec1-openssl-devel-0:1.2.6-3.1.s390" }, "product_reference": "xmlsec1-openssl-devel-0:1.2.6-3.1.s390", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-devel-0:1.2.6-3.1.s390x as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:xmlsec1-openssl-devel-0:1.2.6-3.1.s390x" }, "product_reference": "xmlsec1-openssl-devel-0:1.2.6-3.1.s390x", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-devel-0:1.2.6-3.1.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:xmlsec1-openssl-devel-0:1.2.6-3.1.x86_64" }, "product_reference": "xmlsec1-openssl-devel-0:1.2.6-3.1.x86_64", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.6-3.1.i386 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:xmlsec1-0:1.2.6-3.1.i386" }, "product_reference": "xmlsec1-0:1.2.6-3.1.i386", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.6-3.1.ia64 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:xmlsec1-0:1.2.6-3.1.ia64" }, "product_reference": "xmlsec1-0:1.2.6-3.1.ia64", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.6-3.1.ppc as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:xmlsec1-0:1.2.6-3.1.ppc" }, "product_reference": "xmlsec1-0:1.2.6-3.1.ppc", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.6-3.1.ppc64 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:xmlsec1-0:1.2.6-3.1.ppc64" }, "product_reference": "xmlsec1-0:1.2.6-3.1.ppc64", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.6-3.1.s390 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:xmlsec1-0:1.2.6-3.1.s390" }, "product_reference": "xmlsec1-0:1.2.6-3.1.s390", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.6-3.1.s390x as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:xmlsec1-0:1.2.6-3.1.s390x" }, "product_reference": "xmlsec1-0:1.2.6-3.1.s390x", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.6-3.1.src as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:xmlsec1-0:1.2.6-3.1.src" }, "product_reference": "xmlsec1-0:1.2.6-3.1.src", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.6-3.1.x86_64 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:xmlsec1-0:1.2.6-3.1.x86_64" }, "product_reference": "xmlsec1-0:1.2.6-3.1.x86_64", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.6-3.1.i386 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:xmlsec1-debuginfo-0:1.2.6-3.1.i386" }, "product_reference": "xmlsec1-debuginfo-0:1.2.6-3.1.i386", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.6-3.1.ia64 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:xmlsec1-debuginfo-0:1.2.6-3.1.ia64" }, "product_reference": "xmlsec1-debuginfo-0:1.2.6-3.1.ia64", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.6-3.1.ppc as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:xmlsec1-debuginfo-0:1.2.6-3.1.ppc" }, "product_reference": "xmlsec1-debuginfo-0:1.2.6-3.1.ppc", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.6-3.1.ppc64 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:xmlsec1-debuginfo-0:1.2.6-3.1.ppc64" }, "product_reference": "xmlsec1-debuginfo-0:1.2.6-3.1.ppc64", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.6-3.1.s390 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:xmlsec1-debuginfo-0:1.2.6-3.1.s390" }, "product_reference": "xmlsec1-debuginfo-0:1.2.6-3.1.s390", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.6-3.1.s390x as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:xmlsec1-debuginfo-0:1.2.6-3.1.s390x" }, "product_reference": "xmlsec1-debuginfo-0:1.2.6-3.1.s390x", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.6-3.1.x86_64 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:xmlsec1-debuginfo-0:1.2.6-3.1.x86_64" }, "product_reference": "xmlsec1-debuginfo-0:1.2.6-3.1.x86_64", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-devel-0:1.2.6-3.1.i386 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:xmlsec1-devel-0:1.2.6-3.1.i386" }, "product_reference": "xmlsec1-devel-0:1.2.6-3.1.i386", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-devel-0:1.2.6-3.1.ia64 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:xmlsec1-devel-0:1.2.6-3.1.ia64" }, "product_reference": "xmlsec1-devel-0:1.2.6-3.1.ia64", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-devel-0:1.2.6-3.1.ppc as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:xmlsec1-devel-0:1.2.6-3.1.ppc" }, "product_reference": "xmlsec1-devel-0:1.2.6-3.1.ppc", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-devel-0:1.2.6-3.1.s390 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:xmlsec1-devel-0:1.2.6-3.1.s390" }, "product_reference": "xmlsec1-devel-0:1.2.6-3.1.s390", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-devel-0:1.2.6-3.1.s390x as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:xmlsec1-devel-0:1.2.6-3.1.s390x" }, "product_reference": "xmlsec1-devel-0:1.2.6-3.1.s390x", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-devel-0:1.2.6-3.1.x86_64 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:xmlsec1-devel-0:1.2.6-3.1.x86_64" }, "product_reference": "xmlsec1-devel-0:1.2.6-3.1.x86_64", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.6-3.1.i386 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:xmlsec1-openssl-0:1.2.6-3.1.i386" }, "product_reference": "xmlsec1-openssl-0:1.2.6-3.1.i386", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.6-3.1.ia64 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:xmlsec1-openssl-0:1.2.6-3.1.ia64" }, "product_reference": "xmlsec1-openssl-0:1.2.6-3.1.ia64", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.6-3.1.ppc as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:xmlsec1-openssl-0:1.2.6-3.1.ppc" }, "product_reference": "xmlsec1-openssl-0:1.2.6-3.1.ppc", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.6-3.1.ppc64 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:xmlsec1-openssl-0:1.2.6-3.1.ppc64" }, "product_reference": "xmlsec1-openssl-0:1.2.6-3.1.ppc64", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.6-3.1.s390 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:xmlsec1-openssl-0:1.2.6-3.1.s390" }, "product_reference": "xmlsec1-openssl-0:1.2.6-3.1.s390", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.6-3.1.s390x as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:xmlsec1-openssl-0:1.2.6-3.1.s390x" }, "product_reference": "xmlsec1-openssl-0:1.2.6-3.1.s390x", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.6-3.1.x86_64 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:xmlsec1-openssl-0:1.2.6-3.1.x86_64" }, "product_reference": "xmlsec1-openssl-0:1.2.6-3.1.x86_64", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-devel-0:1.2.6-3.1.i386 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:xmlsec1-openssl-devel-0:1.2.6-3.1.i386" }, "product_reference": "xmlsec1-openssl-devel-0:1.2.6-3.1.i386", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-devel-0:1.2.6-3.1.ia64 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:xmlsec1-openssl-devel-0:1.2.6-3.1.ia64" }, "product_reference": "xmlsec1-openssl-devel-0:1.2.6-3.1.ia64", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-devel-0:1.2.6-3.1.ppc as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:xmlsec1-openssl-devel-0:1.2.6-3.1.ppc" }, "product_reference": "xmlsec1-openssl-devel-0:1.2.6-3.1.ppc", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-devel-0:1.2.6-3.1.s390 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:xmlsec1-openssl-devel-0:1.2.6-3.1.s390" }, "product_reference": "xmlsec1-openssl-devel-0:1.2.6-3.1.s390", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-devel-0:1.2.6-3.1.s390x as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:xmlsec1-openssl-devel-0:1.2.6-3.1.s390x" }, "product_reference": "xmlsec1-openssl-devel-0:1.2.6-3.1.s390x", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-devel-0:1.2.6-3.1.x86_64 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:xmlsec1-openssl-devel-0:1.2.6-3.1.x86_64" }, "product_reference": "xmlsec1-openssl-devel-0:1.2.6-3.1.x86_64", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.6-3.1.i386 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:xmlsec1-0:1.2.6-3.1.i386" }, "product_reference": "xmlsec1-0:1.2.6-3.1.i386", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.6-3.1.ia64 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:xmlsec1-0:1.2.6-3.1.ia64" }, "product_reference": "xmlsec1-0:1.2.6-3.1.ia64", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.6-3.1.ppc as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:xmlsec1-0:1.2.6-3.1.ppc" }, "product_reference": "xmlsec1-0:1.2.6-3.1.ppc", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.6-3.1.ppc64 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:xmlsec1-0:1.2.6-3.1.ppc64" }, "product_reference": "xmlsec1-0:1.2.6-3.1.ppc64", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.6-3.1.s390 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:xmlsec1-0:1.2.6-3.1.s390" }, "product_reference": "xmlsec1-0:1.2.6-3.1.s390", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.6-3.1.s390x as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:xmlsec1-0:1.2.6-3.1.s390x" }, "product_reference": "xmlsec1-0:1.2.6-3.1.s390x", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.6-3.1.src as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:xmlsec1-0:1.2.6-3.1.src" }, "product_reference": "xmlsec1-0:1.2.6-3.1.src", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.6-3.1.x86_64 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:xmlsec1-0:1.2.6-3.1.x86_64" }, "product_reference": "xmlsec1-0:1.2.6-3.1.x86_64", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.6-3.1.i386 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:xmlsec1-debuginfo-0:1.2.6-3.1.i386" }, "product_reference": "xmlsec1-debuginfo-0:1.2.6-3.1.i386", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.6-3.1.ia64 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:xmlsec1-debuginfo-0:1.2.6-3.1.ia64" }, "product_reference": "xmlsec1-debuginfo-0:1.2.6-3.1.ia64", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.6-3.1.ppc as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:xmlsec1-debuginfo-0:1.2.6-3.1.ppc" }, "product_reference": "xmlsec1-debuginfo-0:1.2.6-3.1.ppc", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.6-3.1.ppc64 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:xmlsec1-debuginfo-0:1.2.6-3.1.ppc64" }, "product_reference": "xmlsec1-debuginfo-0:1.2.6-3.1.ppc64", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.6-3.1.s390 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:xmlsec1-debuginfo-0:1.2.6-3.1.s390" }, "product_reference": "xmlsec1-debuginfo-0:1.2.6-3.1.s390", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.6-3.1.s390x as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:xmlsec1-debuginfo-0:1.2.6-3.1.s390x" }, "product_reference": "xmlsec1-debuginfo-0:1.2.6-3.1.s390x", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.6-3.1.x86_64 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:xmlsec1-debuginfo-0:1.2.6-3.1.x86_64" }, "product_reference": "xmlsec1-debuginfo-0:1.2.6-3.1.x86_64", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-devel-0:1.2.6-3.1.i386 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:xmlsec1-devel-0:1.2.6-3.1.i386" }, "product_reference": "xmlsec1-devel-0:1.2.6-3.1.i386", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-devel-0:1.2.6-3.1.ia64 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:xmlsec1-devel-0:1.2.6-3.1.ia64" }, "product_reference": "xmlsec1-devel-0:1.2.6-3.1.ia64", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-devel-0:1.2.6-3.1.ppc as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:xmlsec1-devel-0:1.2.6-3.1.ppc" }, "product_reference": "xmlsec1-devel-0:1.2.6-3.1.ppc", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-devel-0:1.2.6-3.1.s390 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:xmlsec1-devel-0:1.2.6-3.1.s390" }, "product_reference": "xmlsec1-devel-0:1.2.6-3.1.s390", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-devel-0:1.2.6-3.1.s390x as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:xmlsec1-devel-0:1.2.6-3.1.s390x" }, "product_reference": "xmlsec1-devel-0:1.2.6-3.1.s390x", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-devel-0:1.2.6-3.1.x86_64 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:xmlsec1-devel-0:1.2.6-3.1.x86_64" }, "product_reference": "xmlsec1-devel-0:1.2.6-3.1.x86_64", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.6-3.1.i386 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:xmlsec1-openssl-0:1.2.6-3.1.i386" }, "product_reference": "xmlsec1-openssl-0:1.2.6-3.1.i386", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.6-3.1.ia64 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:xmlsec1-openssl-0:1.2.6-3.1.ia64" }, "product_reference": "xmlsec1-openssl-0:1.2.6-3.1.ia64", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.6-3.1.ppc as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:xmlsec1-openssl-0:1.2.6-3.1.ppc" }, "product_reference": "xmlsec1-openssl-0:1.2.6-3.1.ppc", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.6-3.1.ppc64 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:xmlsec1-openssl-0:1.2.6-3.1.ppc64" }, "product_reference": "xmlsec1-openssl-0:1.2.6-3.1.ppc64", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.6-3.1.s390 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:xmlsec1-openssl-0:1.2.6-3.1.s390" }, "product_reference": "xmlsec1-openssl-0:1.2.6-3.1.s390", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.6-3.1.s390x as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:xmlsec1-openssl-0:1.2.6-3.1.s390x" }, "product_reference": "xmlsec1-openssl-0:1.2.6-3.1.s390x", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.6-3.1.x86_64 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:xmlsec1-openssl-0:1.2.6-3.1.x86_64" }, "product_reference": "xmlsec1-openssl-0:1.2.6-3.1.x86_64", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-devel-0:1.2.6-3.1.i386 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:xmlsec1-openssl-devel-0:1.2.6-3.1.i386" }, "product_reference": "xmlsec1-openssl-devel-0:1.2.6-3.1.i386", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-devel-0:1.2.6-3.1.ia64 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:xmlsec1-openssl-devel-0:1.2.6-3.1.ia64" }, "product_reference": "xmlsec1-openssl-devel-0:1.2.6-3.1.ia64", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-devel-0:1.2.6-3.1.ppc as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:xmlsec1-openssl-devel-0:1.2.6-3.1.ppc" }, "product_reference": "xmlsec1-openssl-devel-0:1.2.6-3.1.ppc", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-devel-0:1.2.6-3.1.s390 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:xmlsec1-openssl-devel-0:1.2.6-3.1.s390" }, "product_reference": "xmlsec1-openssl-devel-0:1.2.6-3.1.s390", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-devel-0:1.2.6-3.1.s390x as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:xmlsec1-openssl-devel-0:1.2.6-3.1.s390x" }, "product_reference": "xmlsec1-openssl-devel-0:1.2.6-3.1.s390x", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-devel-0:1.2.6-3.1.x86_64 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:xmlsec1-openssl-devel-0:1.2.6-3.1.x86_64" }, "product_reference": "xmlsec1-openssl-devel-0:1.2.6-3.1.x86_64", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.9-8.1.1.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-0:1.2.9-8.1.1.i386" }, "product_reference": "xmlsec1-0:1.2.9-8.1.1.i386", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.9-8.1.1.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-0:1.2.9-8.1.1.ia64" }, "product_reference": "xmlsec1-0:1.2.9-8.1.1.ia64", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.9-8.1.1.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-0:1.2.9-8.1.1.ppc" }, "product_reference": "xmlsec1-0:1.2.9-8.1.1.ppc", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.9-8.1.1.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-0:1.2.9-8.1.1.ppc64" }, "product_reference": "xmlsec1-0:1.2.9-8.1.1.ppc64", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.9-8.1.1.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-0:1.2.9-8.1.1.s390" }, "product_reference": "xmlsec1-0:1.2.9-8.1.1.s390", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.9-8.1.1.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-0:1.2.9-8.1.1.s390x" }, "product_reference": "xmlsec1-0:1.2.9-8.1.1.s390x", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.9-8.1.1.src as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-0:1.2.9-8.1.1.src" }, "product_reference": "xmlsec1-0:1.2.9-8.1.1.src", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.9-8.1.1.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-0:1.2.9-8.1.1.x86_64" }, "product_reference": "xmlsec1-0:1.2.9-8.1.1.x86_64", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.9-8.1.1.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-debuginfo-0:1.2.9-8.1.1.i386" }, "product_reference": "xmlsec1-debuginfo-0:1.2.9-8.1.1.i386", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.9-8.1.1.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-debuginfo-0:1.2.9-8.1.1.ia64" }, "product_reference": "xmlsec1-debuginfo-0:1.2.9-8.1.1.ia64", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.9-8.1.1.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-debuginfo-0:1.2.9-8.1.1.ppc" }, "product_reference": "xmlsec1-debuginfo-0:1.2.9-8.1.1.ppc", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.9-8.1.1.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-debuginfo-0:1.2.9-8.1.1.ppc64" }, "product_reference": "xmlsec1-debuginfo-0:1.2.9-8.1.1.ppc64", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.9-8.1.1.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-debuginfo-0:1.2.9-8.1.1.s390" }, "product_reference": "xmlsec1-debuginfo-0:1.2.9-8.1.1.s390", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.9-8.1.1.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-debuginfo-0:1.2.9-8.1.1.s390x" }, "product_reference": "xmlsec1-debuginfo-0:1.2.9-8.1.1.s390x", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.9-8.1.1.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-debuginfo-0:1.2.9-8.1.1.x86_64" }, "product_reference": "xmlsec1-debuginfo-0:1.2.9-8.1.1.x86_64", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-devel-0:1.2.9-8.1.1.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-devel-0:1.2.9-8.1.1.i386" }, "product_reference": "xmlsec1-devel-0:1.2.9-8.1.1.i386", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-devel-0:1.2.9-8.1.1.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-devel-0:1.2.9-8.1.1.ia64" }, "product_reference": "xmlsec1-devel-0:1.2.9-8.1.1.ia64", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-devel-0:1.2.9-8.1.1.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-devel-0:1.2.9-8.1.1.ppc" }, "product_reference": "xmlsec1-devel-0:1.2.9-8.1.1.ppc", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-devel-0:1.2.9-8.1.1.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-devel-0:1.2.9-8.1.1.ppc64" }, "product_reference": "xmlsec1-devel-0:1.2.9-8.1.1.ppc64", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-devel-0:1.2.9-8.1.1.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-devel-0:1.2.9-8.1.1.s390" }, "product_reference": "xmlsec1-devel-0:1.2.9-8.1.1.s390", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-devel-0:1.2.9-8.1.1.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-devel-0:1.2.9-8.1.1.s390x" }, "product_reference": "xmlsec1-devel-0:1.2.9-8.1.1.s390x", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-devel-0:1.2.9-8.1.1.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-devel-0:1.2.9-8.1.1.x86_64" }, "product_reference": "xmlsec1-devel-0:1.2.9-8.1.1.x86_64", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-gnutls-0:1.2.9-8.1.1.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-gnutls-0:1.2.9-8.1.1.i386" }, "product_reference": "xmlsec1-gnutls-0:1.2.9-8.1.1.i386", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-gnutls-0:1.2.9-8.1.1.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-gnutls-0:1.2.9-8.1.1.ia64" }, "product_reference": "xmlsec1-gnutls-0:1.2.9-8.1.1.ia64", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-gnutls-0:1.2.9-8.1.1.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-gnutls-0:1.2.9-8.1.1.ppc" }, "product_reference": "xmlsec1-gnutls-0:1.2.9-8.1.1.ppc", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-gnutls-0:1.2.9-8.1.1.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-gnutls-0:1.2.9-8.1.1.ppc64" }, "product_reference": "xmlsec1-gnutls-0:1.2.9-8.1.1.ppc64", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-gnutls-0:1.2.9-8.1.1.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-gnutls-0:1.2.9-8.1.1.s390" }, "product_reference": "xmlsec1-gnutls-0:1.2.9-8.1.1.s390", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-gnutls-0:1.2.9-8.1.1.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-gnutls-0:1.2.9-8.1.1.s390x" }, "product_reference": "xmlsec1-gnutls-0:1.2.9-8.1.1.s390x", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-gnutls-0:1.2.9-8.1.1.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-gnutls-0:1.2.9-8.1.1.x86_64" }, "product_reference": "xmlsec1-gnutls-0:1.2.9-8.1.1.x86_64", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.i386" }, "product_reference": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.i386", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ia64" }, "product_reference": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ia64", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ppc" }, "product_reference": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ppc", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ppc64" }, "product_reference": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ppc64", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.s390" }, "product_reference": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.s390", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.s390x" }, "product_reference": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.s390x", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.x86_64" }, "product_reference": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.x86_64", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-nss-0:1.2.9-8.1.1.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-nss-0:1.2.9-8.1.1.i386" }, "product_reference": "xmlsec1-nss-0:1.2.9-8.1.1.i386", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-nss-0:1.2.9-8.1.1.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-nss-0:1.2.9-8.1.1.ia64" }, "product_reference": "xmlsec1-nss-0:1.2.9-8.1.1.ia64", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-nss-0:1.2.9-8.1.1.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-nss-0:1.2.9-8.1.1.ppc" }, "product_reference": "xmlsec1-nss-0:1.2.9-8.1.1.ppc", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-nss-0:1.2.9-8.1.1.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-nss-0:1.2.9-8.1.1.ppc64" }, "product_reference": "xmlsec1-nss-0:1.2.9-8.1.1.ppc64", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-nss-0:1.2.9-8.1.1.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-nss-0:1.2.9-8.1.1.s390" }, "product_reference": "xmlsec1-nss-0:1.2.9-8.1.1.s390", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-nss-0:1.2.9-8.1.1.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-nss-0:1.2.9-8.1.1.s390x" }, "product_reference": "xmlsec1-nss-0:1.2.9-8.1.1.s390x", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-nss-0:1.2.9-8.1.1.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-nss-0:1.2.9-8.1.1.x86_64" }, "product_reference": "xmlsec1-nss-0:1.2.9-8.1.1.x86_64", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-nss-devel-0:1.2.9-8.1.1.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-nss-devel-0:1.2.9-8.1.1.i386" }, "product_reference": "xmlsec1-nss-devel-0:1.2.9-8.1.1.i386", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-nss-devel-0:1.2.9-8.1.1.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-nss-devel-0:1.2.9-8.1.1.ia64" }, "product_reference": "xmlsec1-nss-devel-0:1.2.9-8.1.1.ia64", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-nss-devel-0:1.2.9-8.1.1.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-nss-devel-0:1.2.9-8.1.1.ppc" }, "product_reference": "xmlsec1-nss-devel-0:1.2.9-8.1.1.ppc", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-nss-devel-0:1.2.9-8.1.1.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-nss-devel-0:1.2.9-8.1.1.ppc64" }, "product_reference": "xmlsec1-nss-devel-0:1.2.9-8.1.1.ppc64", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-nss-devel-0:1.2.9-8.1.1.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-nss-devel-0:1.2.9-8.1.1.s390" }, "product_reference": "xmlsec1-nss-devel-0:1.2.9-8.1.1.s390", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-nss-devel-0:1.2.9-8.1.1.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-nss-devel-0:1.2.9-8.1.1.s390x" }, "product_reference": "xmlsec1-nss-devel-0:1.2.9-8.1.1.s390x", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-nss-devel-0:1.2.9-8.1.1.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-nss-devel-0:1.2.9-8.1.1.x86_64" }, "product_reference": "xmlsec1-nss-devel-0:1.2.9-8.1.1.x86_64", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.9-8.1.1.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-openssl-0:1.2.9-8.1.1.i386" }, "product_reference": "xmlsec1-openssl-0:1.2.9-8.1.1.i386", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.9-8.1.1.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-openssl-0:1.2.9-8.1.1.ia64" }, "product_reference": "xmlsec1-openssl-0:1.2.9-8.1.1.ia64", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.9-8.1.1.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-openssl-0:1.2.9-8.1.1.ppc" }, "product_reference": "xmlsec1-openssl-0:1.2.9-8.1.1.ppc", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.9-8.1.1.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-openssl-0:1.2.9-8.1.1.ppc64" }, "product_reference": "xmlsec1-openssl-0:1.2.9-8.1.1.ppc64", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.9-8.1.1.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-openssl-0:1.2.9-8.1.1.s390" }, "product_reference": "xmlsec1-openssl-0:1.2.9-8.1.1.s390", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.9-8.1.1.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-openssl-0:1.2.9-8.1.1.s390x" }, "product_reference": "xmlsec1-openssl-0:1.2.9-8.1.1.s390x", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.9-8.1.1.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-openssl-0:1.2.9-8.1.1.x86_64" }, "product_reference": "xmlsec1-openssl-0:1.2.9-8.1.1.x86_64", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-openssl-devel-0:1.2.9-8.1.1.i386" }, "product_reference": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.i386", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-openssl-devel-0:1.2.9-8.1.1.ia64" }, "product_reference": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.ia64", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-openssl-devel-0:1.2.9-8.1.1.ppc" }, "product_reference": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.ppc", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-openssl-devel-0:1.2.9-8.1.1.ppc64" }, "product_reference": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.ppc64", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-openssl-devel-0:1.2.9-8.1.1.s390" }, "product_reference": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.s390", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-openssl-devel-0:1.2.9-8.1.1.s390x" }, "product_reference": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.s390x", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:xmlsec1-openssl-devel-0:1.2.9-8.1.1.x86_64" }, "product_reference": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.x86_64", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.9-8.1.1.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-0:1.2.9-8.1.1.i386" }, "product_reference": "xmlsec1-0:1.2.9-8.1.1.i386", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.9-8.1.1.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-0:1.2.9-8.1.1.ia64" }, "product_reference": "xmlsec1-0:1.2.9-8.1.1.ia64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.9-8.1.1.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-0:1.2.9-8.1.1.ppc" }, "product_reference": "xmlsec1-0:1.2.9-8.1.1.ppc", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.9-8.1.1.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-0:1.2.9-8.1.1.ppc64" }, "product_reference": "xmlsec1-0:1.2.9-8.1.1.ppc64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.9-8.1.1.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-0:1.2.9-8.1.1.s390" }, "product_reference": "xmlsec1-0:1.2.9-8.1.1.s390", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.9-8.1.1.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-0:1.2.9-8.1.1.s390x" }, "product_reference": "xmlsec1-0:1.2.9-8.1.1.s390x", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.9-8.1.1.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-0:1.2.9-8.1.1.src" }, "product_reference": "xmlsec1-0:1.2.9-8.1.1.src", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.9-8.1.1.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-0:1.2.9-8.1.1.x86_64" }, "product_reference": "xmlsec1-0:1.2.9-8.1.1.x86_64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.9-8.1.1.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-debuginfo-0:1.2.9-8.1.1.i386" }, "product_reference": "xmlsec1-debuginfo-0:1.2.9-8.1.1.i386", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.9-8.1.1.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-debuginfo-0:1.2.9-8.1.1.ia64" }, "product_reference": "xmlsec1-debuginfo-0:1.2.9-8.1.1.ia64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.9-8.1.1.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-debuginfo-0:1.2.9-8.1.1.ppc" }, "product_reference": "xmlsec1-debuginfo-0:1.2.9-8.1.1.ppc", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.9-8.1.1.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-debuginfo-0:1.2.9-8.1.1.ppc64" }, "product_reference": "xmlsec1-debuginfo-0:1.2.9-8.1.1.ppc64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.9-8.1.1.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-debuginfo-0:1.2.9-8.1.1.s390" }, "product_reference": "xmlsec1-debuginfo-0:1.2.9-8.1.1.s390", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.9-8.1.1.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-debuginfo-0:1.2.9-8.1.1.s390x" }, "product_reference": "xmlsec1-debuginfo-0:1.2.9-8.1.1.s390x", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.9-8.1.1.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-debuginfo-0:1.2.9-8.1.1.x86_64" }, "product_reference": "xmlsec1-debuginfo-0:1.2.9-8.1.1.x86_64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-devel-0:1.2.9-8.1.1.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-devel-0:1.2.9-8.1.1.i386" }, "product_reference": "xmlsec1-devel-0:1.2.9-8.1.1.i386", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-devel-0:1.2.9-8.1.1.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-devel-0:1.2.9-8.1.1.ia64" }, "product_reference": "xmlsec1-devel-0:1.2.9-8.1.1.ia64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-devel-0:1.2.9-8.1.1.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-devel-0:1.2.9-8.1.1.ppc" }, "product_reference": "xmlsec1-devel-0:1.2.9-8.1.1.ppc", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-devel-0:1.2.9-8.1.1.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-devel-0:1.2.9-8.1.1.ppc64" }, "product_reference": "xmlsec1-devel-0:1.2.9-8.1.1.ppc64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-devel-0:1.2.9-8.1.1.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-devel-0:1.2.9-8.1.1.s390" }, "product_reference": "xmlsec1-devel-0:1.2.9-8.1.1.s390", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-devel-0:1.2.9-8.1.1.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-devel-0:1.2.9-8.1.1.s390x" }, "product_reference": "xmlsec1-devel-0:1.2.9-8.1.1.s390x", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-devel-0:1.2.9-8.1.1.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-devel-0:1.2.9-8.1.1.x86_64" }, "product_reference": "xmlsec1-devel-0:1.2.9-8.1.1.x86_64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-gnutls-0:1.2.9-8.1.1.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-gnutls-0:1.2.9-8.1.1.i386" }, "product_reference": "xmlsec1-gnutls-0:1.2.9-8.1.1.i386", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-gnutls-0:1.2.9-8.1.1.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-gnutls-0:1.2.9-8.1.1.ia64" }, "product_reference": "xmlsec1-gnutls-0:1.2.9-8.1.1.ia64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-gnutls-0:1.2.9-8.1.1.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-gnutls-0:1.2.9-8.1.1.ppc" }, "product_reference": "xmlsec1-gnutls-0:1.2.9-8.1.1.ppc", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-gnutls-0:1.2.9-8.1.1.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-gnutls-0:1.2.9-8.1.1.ppc64" }, "product_reference": "xmlsec1-gnutls-0:1.2.9-8.1.1.ppc64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-gnutls-0:1.2.9-8.1.1.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-gnutls-0:1.2.9-8.1.1.s390" }, "product_reference": "xmlsec1-gnutls-0:1.2.9-8.1.1.s390", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-gnutls-0:1.2.9-8.1.1.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-gnutls-0:1.2.9-8.1.1.s390x" }, "product_reference": "xmlsec1-gnutls-0:1.2.9-8.1.1.s390x", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-gnutls-0:1.2.9-8.1.1.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-gnutls-0:1.2.9-8.1.1.x86_64" }, "product_reference": "xmlsec1-gnutls-0:1.2.9-8.1.1.x86_64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.i386" }, "product_reference": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.i386", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ia64" }, "product_reference": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ia64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ppc" }, "product_reference": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ppc", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ppc64" }, "product_reference": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ppc64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.s390" }, "product_reference": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.s390", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.s390x" }, "product_reference": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.s390x", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.x86_64" }, "product_reference": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.x86_64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-nss-0:1.2.9-8.1.1.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-nss-0:1.2.9-8.1.1.i386" }, "product_reference": "xmlsec1-nss-0:1.2.9-8.1.1.i386", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-nss-0:1.2.9-8.1.1.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-nss-0:1.2.9-8.1.1.ia64" }, "product_reference": "xmlsec1-nss-0:1.2.9-8.1.1.ia64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-nss-0:1.2.9-8.1.1.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-nss-0:1.2.9-8.1.1.ppc" }, "product_reference": "xmlsec1-nss-0:1.2.9-8.1.1.ppc", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-nss-0:1.2.9-8.1.1.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-nss-0:1.2.9-8.1.1.ppc64" }, "product_reference": "xmlsec1-nss-0:1.2.9-8.1.1.ppc64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-nss-0:1.2.9-8.1.1.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-nss-0:1.2.9-8.1.1.s390" }, "product_reference": "xmlsec1-nss-0:1.2.9-8.1.1.s390", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-nss-0:1.2.9-8.1.1.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-nss-0:1.2.9-8.1.1.s390x" }, "product_reference": "xmlsec1-nss-0:1.2.9-8.1.1.s390x", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-nss-0:1.2.9-8.1.1.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-nss-0:1.2.9-8.1.1.x86_64" }, "product_reference": "xmlsec1-nss-0:1.2.9-8.1.1.x86_64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-nss-devel-0:1.2.9-8.1.1.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-nss-devel-0:1.2.9-8.1.1.i386" }, "product_reference": "xmlsec1-nss-devel-0:1.2.9-8.1.1.i386", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-nss-devel-0:1.2.9-8.1.1.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-nss-devel-0:1.2.9-8.1.1.ia64" }, "product_reference": "xmlsec1-nss-devel-0:1.2.9-8.1.1.ia64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-nss-devel-0:1.2.9-8.1.1.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-nss-devel-0:1.2.9-8.1.1.ppc" }, "product_reference": "xmlsec1-nss-devel-0:1.2.9-8.1.1.ppc", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-nss-devel-0:1.2.9-8.1.1.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-nss-devel-0:1.2.9-8.1.1.ppc64" }, "product_reference": "xmlsec1-nss-devel-0:1.2.9-8.1.1.ppc64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-nss-devel-0:1.2.9-8.1.1.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-nss-devel-0:1.2.9-8.1.1.s390" }, "product_reference": "xmlsec1-nss-devel-0:1.2.9-8.1.1.s390", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-nss-devel-0:1.2.9-8.1.1.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-nss-devel-0:1.2.9-8.1.1.s390x" }, "product_reference": "xmlsec1-nss-devel-0:1.2.9-8.1.1.s390x", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-nss-devel-0:1.2.9-8.1.1.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-nss-devel-0:1.2.9-8.1.1.x86_64" }, "product_reference": "xmlsec1-nss-devel-0:1.2.9-8.1.1.x86_64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.9-8.1.1.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-openssl-0:1.2.9-8.1.1.i386" }, "product_reference": "xmlsec1-openssl-0:1.2.9-8.1.1.i386", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.9-8.1.1.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-openssl-0:1.2.9-8.1.1.ia64" }, "product_reference": "xmlsec1-openssl-0:1.2.9-8.1.1.ia64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.9-8.1.1.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-openssl-0:1.2.9-8.1.1.ppc" }, "product_reference": "xmlsec1-openssl-0:1.2.9-8.1.1.ppc", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.9-8.1.1.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-openssl-0:1.2.9-8.1.1.ppc64" }, "product_reference": "xmlsec1-openssl-0:1.2.9-8.1.1.ppc64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.9-8.1.1.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-openssl-0:1.2.9-8.1.1.s390" }, "product_reference": "xmlsec1-openssl-0:1.2.9-8.1.1.s390", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.9-8.1.1.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-openssl-0:1.2.9-8.1.1.s390x" }, "product_reference": "xmlsec1-openssl-0:1.2.9-8.1.1.s390x", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.9-8.1.1.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-openssl-0:1.2.9-8.1.1.x86_64" }, "product_reference": "xmlsec1-openssl-0:1.2.9-8.1.1.x86_64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-openssl-devel-0:1.2.9-8.1.1.i386" }, "product_reference": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.i386", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-openssl-devel-0:1.2.9-8.1.1.ia64" }, "product_reference": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.ia64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-openssl-devel-0:1.2.9-8.1.1.ppc" }, "product_reference": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.ppc", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-openssl-devel-0:1.2.9-8.1.1.ppc64" }, "product_reference": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.ppc64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-openssl-devel-0:1.2.9-8.1.1.s390" }, "product_reference": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.s390", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-openssl-devel-0:1.2.9-8.1.1.s390x" }, "product_reference": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.s390x", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:xmlsec1-openssl-devel-0:1.2.9-8.1.1.x86_64" }, "product_reference": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.x86_64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.9-8.1.1.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-0:1.2.9-8.1.1.i386" }, "product_reference": "xmlsec1-0:1.2.9-8.1.1.i386", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.9-8.1.1.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-0:1.2.9-8.1.1.ia64" }, "product_reference": "xmlsec1-0:1.2.9-8.1.1.ia64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.9-8.1.1.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-0:1.2.9-8.1.1.ppc" }, "product_reference": "xmlsec1-0:1.2.9-8.1.1.ppc", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.9-8.1.1.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-0:1.2.9-8.1.1.ppc64" }, "product_reference": "xmlsec1-0:1.2.9-8.1.1.ppc64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.9-8.1.1.s390 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-0:1.2.9-8.1.1.s390" }, "product_reference": "xmlsec1-0:1.2.9-8.1.1.s390", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.9-8.1.1.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-0:1.2.9-8.1.1.s390x" }, "product_reference": "xmlsec1-0:1.2.9-8.1.1.s390x", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.9-8.1.1.src as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-0:1.2.9-8.1.1.src" }, "product_reference": "xmlsec1-0:1.2.9-8.1.1.src", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-0:1.2.9-8.1.1.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-0:1.2.9-8.1.1.x86_64" }, "product_reference": "xmlsec1-0:1.2.9-8.1.1.x86_64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.9-8.1.1.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-debuginfo-0:1.2.9-8.1.1.i386" }, "product_reference": "xmlsec1-debuginfo-0:1.2.9-8.1.1.i386", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.9-8.1.1.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-debuginfo-0:1.2.9-8.1.1.ia64" }, "product_reference": "xmlsec1-debuginfo-0:1.2.9-8.1.1.ia64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.9-8.1.1.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-debuginfo-0:1.2.9-8.1.1.ppc" }, "product_reference": "xmlsec1-debuginfo-0:1.2.9-8.1.1.ppc", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.9-8.1.1.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-debuginfo-0:1.2.9-8.1.1.ppc64" }, "product_reference": "xmlsec1-debuginfo-0:1.2.9-8.1.1.ppc64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.9-8.1.1.s390 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-debuginfo-0:1.2.9-8.1.1.s390" }, "product_reference": "xmlsec1-debuginfo-0:1.2.9-8.1.1.s390", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.9-8.1.1.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-debuginfo-0:1.2.9-8.1.1.s390x" }, "product_reference": "xmlsec1-debuginfo-0:1.2.9-8.1.1.s390x", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-debuginfo-0:1.2.9-8.1.1.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-debuginfo-0:1.2.9-8.1.1.x86_64" }, "product_reference": "xmlsec1-debuginfo-0:1.2.9-8.1.1.x86_64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-devel-0:1.2.9-8.1.1.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-devel-0:1.2.9-8.1.1.i386" }, "product_reference": "xmlsec1-devel-0:1.2.9-8.1.1.i386", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-devel-0:1.2.9-8.1.1.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-devel-0:1.2.9-8.1.1.ia64" }, "product_reference": "xmlsec1-devel-0:1.2.9-8.1.1.ia64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-devel-0:1.2.9-8.1.1.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-devel-0:1.2.9-8.1.1.ppc" }, "product_reference": "xmlsec1-devel-0:1.2.9-8.1.1.ppc", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-devel-0:1.2.9-8.1.1.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-devel-0:1.2.9-8.1.1.ppc64" }, "product_reference": "xmlsec1-devel-0:1.2.9-8.1.1.ppc64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-devel-0:1.2.9-8.1.1.s390 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-devel-0:1.2.9-8.1.1.s390" }, "product_reference": "xmlsec1-devel-0:1.2.9-8.1.1.s390", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-devel-0:1.2.9-8.1.1.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-devel-0:1.2.9-8.1.1.s390x" }, "product_reference": "xmlsec1-devel-0:1.2.9-8.1.1.s390x", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-devel-0:1.2.9-8.1.1.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-devel-0:1.2.9-8.1.1.x86_64" }, "product_reference": "xmlsec1-devel-0:1.2.9-8.1.1.x86_64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-gnutls-0:1.2.9-8.1.1.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-gnutls-0:1.2.9-8.1.1.i386" }, "product_reference": "xmlsec1-gnutls-0:1.2.9-8.1.1.i386", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-gnutls-0:1.2.9-8.1.1.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-gnutls-0:1.2.9-8.1.1.ia64" }, "product_reference": "xmlsec1-gnutls-0:1.2.9-8.1.1.ia64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-gnutls-0:1.2.9-8.1.1.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-gnutls-0:1.2.9-8.1.1.ppc" }, "product_reference": "xmlsec1-gnutls-0:1.2.9-8.1.1.ppc", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-gnutls-0:1.2.9-8.1.1.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-gnutls-0:1.2.9-8.1.1.ppc64" }, "product_reference": "xmlsec1-gnutls-0:1.2.9-8.1.1.ppc64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-gnutls-0:1.2.9-8.1.1.s390 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-gnutls-0:1.2.9-8.1.1.s390" }, "product_reference": "xmlsec1-gnutls-0:1.2.9-8.1.1.s390", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-gnutls-0:1.2.9-8.1.1.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-gnutls-0:1.2.9-8.1.1.s390x" }, "product_reference": "xmlsec1-gnutls-0:1.2.9-8.1.1.s390x", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-gnutls-0:1.2.9-8.1.1.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-gnutls-0:1.2.9-8.1.1.x86_64" }, "product_reference": "xmlsec1-gnutls-0:1.2.9-8.1.1.x86_64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.i386" }, "product_reference": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.i386", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ia64" }, "product_reference": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ia64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ppc" }, "product_reference": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ppc", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ppc64" }, "product_reference": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ppc64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.s390 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.s390" }, "product_reference": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.s390", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.s390x" }, "product_reference": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.s390x", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.x86_64" }, "product_reference": "xmlsec1-gnutls-devel-0:1.2.9-8.1.1.x86_64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-nss-0:1.2.9-8.1.1.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-nss-0:1.2.9-8.1.1.i386" }, "product_reference": "xmlsec1-nss-0:1.2.9-8.1.1.i386", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-nss-0:1.2.9-8.1.1.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-nss-0:1.2.9-8.1.1.ia64" }, "product_reference": "xmlsec1-nss-0:1.2.9-8.1.1.ia64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-nss-0:1.2.9-8.1.1.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-nss-0:1.2.9-8.1.1.ppc" }, "product_reference": "xmlsec1-nss-0:1.2.9-8.1.1.ppc", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-nss-0:1.2.9-8.1.1.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-nss-0:1.2.9-8.1.1.ppc64" }, "product_reference": "xmlsec1-nss-0:1.2.9-8.1.1.ppc64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-nss-0:1.2.9-8.1.1.s390 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-nss-0:1.2.9-8.1.1.s390" }, "product_reference": "xmlsec1-nss-0:1.2.9-8.1.1.s390", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-nss-0:1.2.9-8.1.1.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-nss-0:1.2.9-8.1.1.s390x" }, "product_reference": "xmlsec1-nss-0:1.2.9-8.1.1.s390x", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-nss-0:1.2.9-8.1.1.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-nss-0:1.2.9-8.1.1.x86_64" }, "product_reference": "xmlsec1-nss-0:1.2.9-8.1.1.x86_64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-nss-devel-0:1.2.9-8.1.1.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-nss-devel-0:1.2.9-8.1.1.i386" }, "product_reference": "xmlsec1-nss-devel-0:1.2.9-8.1.1.i386", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-nss-devel-0:1.2.9-8.1.1.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-nss-devel-0:1.2.9-8.1.1.ia64" }, "product_reference": "xmlsec1-nss-devel-0:1.2.9-8.1.1.ia64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-nss-devel-0:1.2.9-8.1.1.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-nss-devel-0:1.2.9-8.1.1.ppc" }, "product_reference": "xmlsec1-nss-devel-0:1.2.9-8.1.1.ppc", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-nss-devel-0:1.2.9-8.1.1.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-nss-devel-0:1.2.9-8.1.1.ppc64" }, "product_reference": "xmlsec1-nss-devel-0:1.2.9-8.1.1.ppc64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-nss-devel-0:1.2.9-8.1.1.s390 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-nss-devel-0:1.2.9-8.1.1.s390" }, "product_reference": "xmlsec1-nss-devel-0:1.2.9-8.1.1.s390", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-nss-devel-0:1.2.9-8.1.1.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-nss-devel-0:1.2.9-8.1.1.s390x" }, "product_reference": "xmlsec1-nss-devel-0:1.2.9-8.1.1.s390x", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-nss-devel-0:1.2.9-8.1.1.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-nss-devel-0:1.2.9-8.1.1.x86_64" }, "product_reference": "xmlsec1-nss-devel-0:1.2.9-8.1.1.x86_64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.9-8.1.1.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-openssl-0:1.2.9-8.1.1.i386" }, "product_reference": "xmlsec1-openssl-0:1.2.9-8.1.1.i386", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.9-8.1.1.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-openssl-0:1.2.9-8.1.1.ia64" }, "product_reference": "xmlsec1-openssl-0:1.2.9-8.1.1.ia64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.9-8.1.1.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-openssl-0:1.2.9-8.1.1.ppc" }, "product_reference": "xmlsec1-openssl-0:1.2.9-8.1.1.ppc", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.9-8.1.1.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-openssl-0:1.2.9-8.1.1.ppc64" }, "product_reference": "xmlsec1-openssl-0:1.2.9-8.1.1.ppc64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.9-8.1.1.s390 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-openssl-0:1.2.9-8.1.1.s390" }, "product_reference": "xmlsec1-openssl-0:1.2.9-8.1.1.s390", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.9-8.1.1.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-openssl-0:1.2.9-8.1.1.s390x" }, "product_reference": "xmlsec1-openssl-0:1.2.9-8.1.1.s390x", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-0:1.2.9-8.1.1.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-openssl-0:1.2.9-8.1.1.x86_64" }, "product_reference": "xmlsec1-openssl-0:1.2.9-8.1.1.x86_64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-openssl-devel-0:1.2.9-8.1.1.i386" }, "product_reference": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.i386", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-openssl-devel-0:1.2.9-8.1.1.ia64" }, "product_reference": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.ia64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-openssl-devel-0:1.2.9-8.1.1.ppc" }, "product_reference": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.ppc", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-openssl-devel-0:1.2.9-8.1.1.ppc64" }, "product_reference": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.ppc64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.s390 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-openssl-devel-0:1.2.9-8.1.1.s390" }, "product_reference": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.s390", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-openssl-devel-0:1.2.9-8.1.1.s390x" }, "product_reference": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.s390x", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:xmlsec1-openssl-devel-0:1.2.9-8.1.1.x86_64" }, "product_reference": "xmlsec1-openssl-devel-0:1.2.9-8.1.1.x86_64", "relates_to_product_reference": "5Server" } ] }, "vulnerabilities": [ { "cve": "CVE-2009-0217", "discovery_date": "2009-07-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "511915" } ], "notes": [ { "category": "description", "text": "The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, and 8.1 SP6; (3) Mono before 2.4.2.2; (4) XML Security Library before 1.2.12; (5) IBM WebSphere Application Server Versions 6.0 through 6.0.2.33, 6.1 through 6.1.0.23, and 7.0 through 7.0.0.1; (6) Sun JDK and JRE Update 14 and earlier; (7) Microsoft .NET Framework 3.0 through 3.0 SP2, 3.5, and 4.0; and other products uses a parameter that defines an HMAC truncation length (HMACOutputLength) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits.", "title": "Vulnerability description" }, { "category": "summary", "text": "xml-security-1.3.0-1jpp.ep1.*: XMLDsig HMAC-based signatures spoofing and authentication bypass", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS:xmlsec1-0:1.2.6-3.1.i386", "4AS:xmlsec1-0:1.2.6-3.1.ia64", "4AS:xmlsec1-0:1.2.6-3.1.ppc", "4AS:xmlsec1-0:1.2.6-3.1.ppc64", "4AS:xmlsec1-0:1.2.6-3.1.s390", "4AS:xmlsec1-0:1.2.6-3.1.s390x", "4AS:xmlsec1-0:1.2.6-3.1.src", "4AS:xmlsec1-0:1.2.6-3.1.x86_64", "4AS:xmlsec1-debuginfo-0:1.2.6-3.1.i386", "4AS:xmlsec1-debuginfo-0:1.2.6-3.1.ia64", "4AS:xmlsec1-debuginfo-0:1.2.6-3.1.ppc", "4AS:xmlsec1-debuginfo-0:1.2.6-3.1.ppc64", "4AS:xmlsec1-debuginfo-0:1.2.6-3.1.s390", "4AS:xmlsec1-debuginfo-0:1.2.6-3.1.s390x", "4AS:xmlsec1-debuginfo-0:1.2.6-3.1.x86_64", "4AS:xmlsec1-devel-0:1.2.6-3.1.i386", "4AS:xmlsec1-devel-0:1.2.6-3.1.ia64", "4AS:xmlsec1-devel-0:1.2.6-3.1.ppc", "4AS:xmlsec1-devel-0:1.2.6-3.1.s390", "4AS:xmlsec1-devel-0:1.2.6-3.1.s390x", "4AS:xmlsec1-devel-0:1.2.6-3.1.x86_64", "4AS:xmlsec1-openssl-0:1.2.6-3.1.i386", "4AS:xmlsec1-openssl-0:1.2.6-3.1.ia64", "4AS:xmlsec1-openssl-0:1.2.6-3.1.ppc", "4AS:xmlsec1-openssl-0:1.2.6-3.1.ppc64", "4AS:xmlsec1-openssl-0:1.2.6-3.1.s390", "4AS:xmlsec1-openssl-0:1.2.6-3.1.s390x", "4AS:xmlsec1-openssl-0:1.2.6-3.1.x86_64", "4AS:xmlsec1-openssl-devel-0:1.2.6-3.1.i386", "4AS:xmlsec1-openssl-devel-0:1.2.6-3.1.ia64", "4AS:xmlsec1-openssl-devel-0:1.2.6-3.1.ppc", "4AS:xmlsec1-openssl-devel-0:1.2.6-3.1.s390", "4AS:xmlsec1-openssl-devel-0:1.2.6-3.1.s390x", "4AS:xmlsec1-openssl-devel-0:1.2.6-3.1.x86_64", "4Desktop:xmlsec1-0:1.2.6-3.1.i386", "4Desktop:xmlsec1-0:1.2.6-3.1.ia64", "4Desktop:xmlsec1-0:1.2.6-3.1.ppc", "4Desktop:xmlsec1-0:1.2.6-3.1.ppc64", "4Desktop:xmlsec1-0:1.2.6-3.1.s390", "4Desktop:xmlsec1-0:1.2.6-3.1.s390x", "4Desktop:xmlsec1-0:1.2.6-3.1.src", "4Desktop:xmlsec1-0:1.2.6-3.1.x86_64", "4Desktop:xmlsec1-debuginfo-0:1.2.6-3.1.i386", "4Desktop:xmlsec1-debuginfo-0:1.2.6-3.1.ia64", "4Desktop:xmlsec1-debuginfo-0:1.2.6-3.1.ppc", "4Desktop:xmlsec1-debuginfo-0:1.2.6-3.1.ppc64", "4Desktop:xmlsec1-debuginfo-0:1.2.6-3.1.s390", "4Desktop:xmlsec1-debuginfo-0:1.2.6-3.1.s390x", "4Desktop:xmlsec1-debuginfo-0:1.2.6-3.1.x86_64", "4Desktop:xmlsec1-devel-0:1.2.6-3.1.i386", "4Desktop:xmlsec1-devel-0:1.2.6-3.1.ia64", "4Desktop:xmlsec1-devel-0:1.2.6-3.1.ppc", "4Desktop:xmlsec1-devel-0:1.2.6-3.1.s390", "4Desktop:xmlsec1-devel-0:1.2.6-3.1.s390x", "4Desktop:xmlsec1-devel-0:1.2.6-3.1.x86_64", "4Desktop:xmlsec1-openssl-0:1.2.6-3.1.i386", "4Desktop:xmlsec1-openssl-0:1.2.6-3.1.ia64", "4Desktop:xmlsec1-openssl-0:1.2.6-3.1.ppc", "4Desktop:xmlsec1-openssl-0:1.2.6-3.1.ppc64", "4Desktop:xmlsec1-openssl-0:1.2.6-3.1.s390", "4Desktop:xmlsec1-openssl-0:1.2.6-3.1.s390x", "4Desktop:xmlsec1-openssl-0:1.2.6-3.1.x86_64", "4Desktop:xmlsec1-openssl-devel-0:1.2.6-3.1.i386", "4Desktop:xmlsec1-openssl-devel-0:1.2.6-3.1.ia64", "4Desktop:xmlsec1-openssl-devel-0:1.2.6-3.1.ppc", "4Desktop:xmlsec1-openssl-devel-0:1.2.6-3.1.s390", "4Desktop:xmlsec1-openssl-devel-0:1.2.6-3.1.s390x", "4Desktop:xmlsec1-openssl-devel-0:1.2.6-3.1.x86_64", "4ES:xmlsec1-0:1.2.6-3.1.i386", "4ES:xmlsec1-0:1.2.6-3.1.ia64", "4ES:xmlsec1-0:1.2.6-3.1.ppc", "4ES:xmlsec1-0:1.2.6-3.1.ppc64", "4ES:xmlsec1-0:1.2.6-3.1.s390", "4ES:xmlsec1-0:1.2.6-3.1.s390x", "4ES:xmlsec1-0:1.2.6-3.1.src", "4ES:xmlsec1-0:1.2.6-3.1.x86_64", "4ES:xmlsec1-debuginfo-0:1.2.6-3.1.i386", "4ES:xmlsec1-debuginfo-0:1.2.6-3.1.ia64", "4ES:xmlsec1-debuginfo-0:1.2.6-3.1.ppc", "4ES:xmlsec1-debuginfo-0:1.2.6-3.1.ppc64", "4ES:xmlsec1-debuginfo-0:1.2.6-3.1.s390", "4ES:xmlsec1-debuginfo-0:1.2.6-3.1.s390x", "4ES:xmlsec1-debuginfo-0:1.2.6-3.1.x86_64", "4ES:xmlsec1-devel-0:1.2.6-3.1.i386", "4ES:xmlsec1-devel-0:1.2.6-3.1.ia64", "4ES:xmlsec1-devel-0:1.2.6-3.1.ppc", "4ES:xmlsec1-devel-0:1.2.6-3.1.s390", "4ES:xmlsec1-devel-0:1.2.6-3.1.s390x", "4ES:xmlsec1-devel-0:1.2.6-3.1.x86_64", "4ES:xmlsec1-openssl-0:1.2.6-3.1.i386", "4ES:xmlsec1-openssl-0:1.2.6-3.1.ia64", "4ES:xmlsec1-openssl-0:1.2.6-3.1.ppc", "4ES:xmlsec1-openssl-0:1.2.6-3.1.ppc64", "4ES:xmlsec1-openssl-0:1.2.6-3.1.s390", "4ES:xmlsec1-openssl-0:1.2.6-3.1.s390x", "4ES:xmlsec1-openssl-0:1.2.6-3.1.x86_64", "4ES:xmlsec1-openssl-devel-0:1.2.6-3.1.i386", "4ES:xmlsec1-openssl-devel-0:1.2.6-3.1.ia64", "4ES:xmlsec1-openssl-devel-0:1.2.6-3.1.ppc", "4ES:xmlsec1-openssl-devel-0:1.2.6-3.1.s390", "4ES:xmlsec1-openssl-devel-0:1.2.6-3.1.s390x", "4ES:xmlsec1-openssl-devel-0:1.2.6-3.1.x86_64", "4WS:xmlsec1-0:1.2.6-3.1.i386", "4WS:xmlsec1-0:1.2.6-3.1.ia64", "4WS:xmlsec1-0:1.2.6-3.1.ppc", "4WS:xmlsec1-0:1.2.6-3.1.ppc64", "4WS:xmlsec1-0:1.2.6-3.1.s390", "4WS:xmlsec1-0:1.2.6-3.1.s390x", "4WS:xmlsec1-0:1.2.6-3.1.src", "4WS:xmlsec1-0:1.2.6-3.1.x86_64", "4WS:xmlsec1-debuginfo-0:1.2.6-3.1.i386", "4WS:xmlsec1-debuginfo-0:1.2.6-3.1.ia64", "4WS:xmlsec1-debuginfo-0:1.2.6-3.1.ppc", "4WS:xmlsec1-debuginfo-0:1.2.6-3.1.ppc64", "4WS:xmlsec1-debuginfo-0:1.2.6-3.1.s390", "4WS:xmlsec1-debuginfo-0:1.2.6-3.1.s390x", "4WS:xmlsec1-debuginfo-0:1.2.6-3.1.x86_64", "4WS:xmlsec1-devel-0:1.2.6-3.1.i386", "4WS:xmlsec1-devel-0:1.2.6-3.1.ia64", "4WS:xmlsec1-devel-0:1.2.6-3.1.ppc", "4WS:xmlsec1-devel-0:1.2.6-3.1.s390", "4WS:xmlsec1-devel-0:1.2.6-3.1.s390x", "4WS:xmlsec1-devel-0:1.2.6-3.1.x86_64", "4WS:xmlsec1-openssl-0:1.2.6-3.1.i386", "4WS:xmlsec1-openssl-0:1.2.6-3.1.ia64", "4WS:xmlsec1-openssl-0:1.2.6-3.1.ppc", "4WS:xmlsec1-openssl-0:1.2.6-3.1.ppc64", "4WS:xmlsec1-openssl-0:1.2.6-3.1.s390", "4WS:xmlsec1-openssl-0:1.2.6-3.1.s390x", "4WS:xmlsec1-openssl-0:1.2.6-3.1.x86_64", "4WS:xmlsec1-openssl-devel-0:1.2.6-3.1.i386", "4WS:xmlsec1-openssl-devel-0:1.2.6-3.1.ia64", "4WS:xmlsec1-openssl-devel-0:1.2.6-3.1.ppc", "4WS:xmlsec1-openssl-devel-0:1.2.6-3.1.s390", "4WS:xmlsec1-openssl-devel-0:1.2.6-3.1.s390x", "4WS:xmlsec1-openssl-devel-0:1.2.6-3.1.x86_64", "5Client-Workstation:xmlsec1-0:1.2.9-8.1.1.i386", "5Client-Workstation:xmlsec1-0:1.2.9-8.1.1.ia64", "5Client-Workstation:xmlsec1-0:1.2.9-8.1.1.ppc", "5Client-Workstation:xmlsec1-0:1.2.9-8.1.1.ppc64", "5Client-Workstation:xmlsec1-0:1.2.9-8.1.1.s390", "5Client-Workstation:xmlsec1-0:1.2.9-8.1.1.s390x", "5Client-Workstation:xmlsec1-0:1.2.9-8.1.1.src", "5Client-Workstation:xmlsec1-0:1.2.9-8.1.1.x86_64", "5Client-Workstation:xmlsec1-debuginfo-0:1.2.9-8.1.1.i386", "5Client-Workstation:xmlsec1-debuginfo-0:1.2.9-8.1.1.ia64", "5Client-Workstation:xmlsec1-debuginfo-0:1.2.9-8.1.1.ppc", "5Client-Workstation:xmlsec1-debuginfo-0:1.2.9-8.1.1.ppc64", "5Client-Workstation:xmlsec1-debuginfo-0:1.2.9-8.1.1.s390", "5Client-Workstation:xmlsec1-debuginfo-0:1.2.9-8.1.1.s390x", "5Client-Workstation:xmlsec1-debuginfo-0:1.2.9-8.1.1.x86_64", "5Client-Workstation:xmlsec1-devel-0:1.2.9-8.1.1.i386", "5Client-Workstation:xmlsec1-devel-0:1.2.9-8.1.1.ia64", "5Client-Workstation:xmlsec1-devel-0:1.2.9-8.1.1.ppc", "5Client-Workstation:xmlsec1-devel-0:1.2.9-8.1.1.ppc64", "5Client-Workstation:xmlsec1-devel-0:1.2.9-8.1.1.s390", "5Client-Workstation:xmlsec1-devel-0:1.2.9-8.1.1.s390x", "5Client-Workstation:xmlsec1-devel-0:1.2.9-8.1.1.x86_64", "5Client-Workstation:xmlsec1-gnutls-0:1.2.9-8.1.1.i386", "5Client-Workstation:xmlsec1-gnutls-0:1.2.9-8.1.1.ia64", "5Client-Workstation:xmlsec1-gnutls-0:1.2.9-8.1.1.ppc", "5Client-Workstation:xmlsec1-gnutls-0:1.2.9-8.1.1.ppc64", "5Client-Workstation:xmlsec1-gnutls-0:1.2.9-8.1.1.s390", "5Client-Workstation:xmlsec1-gnutls-0:1.2.9-8.1.1.s390x", "5Client-Workstation:xmlsec1-gnutls-0:1.2.9-8.1.1.x86_64", "5Client-Workstation:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.i386", "5Client-Workstation:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ia64", "5Client-Workstation:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ppc", "5Client-Workstation:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ppc64", "5Client-Workstation:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.s390", "5Client-Workstation:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.s390x", "5Client-Workstation:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.x86_64", "5Client-Workstation:xmlsec1-nss-0:1.2.9-8.1.1.i386", "5Client-Workstation:xmlsec1-nss-0:1.2.9-8.1.1.ia64", "5Client-Workstation:xmlsec1-nss-0:1.2.9-8.1.1.ppc", "5Client-Workstation:xmlsec1-nss-0:1.2.9-8.1.1.ppc64", "5Client-Workstation:xmlsec1-nss-0:1.2.9-8.1.1.s390", "5Client-Workstation:xmlsec1-nss-0:1.2.9-8.1.1.s390x", "5Client-Workstation:xmlsec1-nss-0:1.2.9-8.1.1.x86_64", "5Client-Workstation:xmlsec1-nss-devel-0:1.2.9-8.1.1.i386", "5Client-Workstation:xmlsec1-nss-devel-0:1.2.9-8.1.1.ia64", "5Client-Workstation:xmlsec1-nss-devel-0:1.2.9-8.1.1.ppc", "5Client-Workstation:xmlsec1-nss-devel-0:1.2.9-8.1.1.ppc64", "5Client-Workstation:xmlsec1-nss-devel-0:1.2.9-8.1.1.s390", "5Client-Workstation:xmlsec1-nss-devel-0:1.2.9-8.1.1.s390x", "5Client-Workstation:xmlsec1-nss-devel-0:1.2.9-8.1.1.x86_64", "5Client-Workstation:xmlsec1-openssl-0:1.2.9-8.1.1.i386", "5Client-Workstation:xmlsec1-openssl-0:1.2.9-8.1.1.ia64", "5Client-Workstation:xmlsec1-openssl-0:1.2.9-8.1.1.ppc", "5Client-Workstation:xmlsec1-openssl-0:1.2.9-8.1.1.ppc64", "5Client-Workstation:xmlsec1-openssl-0:1.2.9-8.1.1.s390", "5Client-Workstation:xmlsec1-openssl-0:1.2.9-8.1.1.s390x", "5Client-Workstation:xmlsec1-openssl-0:1.2.9-8.1.1.x86_64", "5Client-Workstation:xmlsec1-openssl-devel-0:1.2.9-8.1.1.i386", "5Client-Workstation:xmlsec1-openssl-devel-0:1.2.9-8.1.1.ia64", "5Client-Workstation:xmlsec1-openssl-devel-0:1.2.9-8.1.1.ppc", "5Client-Workstation:xmlsec1-openssl-devel-0:1.2.9-8.1.1.ppc64", "5Client-Workstation:xmlsec1-openssl-devel-0:1.2.9-8.1.1.s390", "5Client-Workstation:xmlsec1-openssl-devel-0:1.2.9-8.1.1.s390x", "5Client-Workstation:xmlsec1-openssl-devel-0:1.2.9-8.1.1.x86_64", "5Client:xmlsec1-0:1.2.9-8.1.1.i386", "5Client:xmlsec1-0:1.2.9-8.1.1.ia64", "5Client:xmlsec1-0:1.2.9-8.1.1.ppc", "5Client:xmlsec1-0:1.2.9-8.1.1.ppc64", "5Client:xmlsec1-0:1.2.9-8.1.1.s390", "5Client:xmlsec1-0:1.2.9-8.1.1.s390x", "5Client:xmlsec1-0:1.2.9-8.1.1.src", "5Client:xmlsec1-0:1.2.9-8.1.1.x86_64", "5Client:xmlsec1-debuginfo-0:1.2.9-8.1.1.i386", "5Client:xmlsec1-debuginfo-0:1.2.9-8.1.1.ia64", "5Client:xmlsec1-debuginfo-0:1.2.9-8.1.1.ppc", "5Client:xmlsec1-debuginfo-0:1.2.9-8.1.1.ppc64", "5Client:xmlsec1-debuginfo-0:1.2.9-8.1.1.s390", "5Client:xmlsec1-debuginfo-0:1.2.9-8.1.1.s390x", "5Client:xmlsec1-debuginfo-0:1.2.9-8.1.1.x86_64", "5Client:xmlsec1-devel-0:1.2.9-8.1.1.i386", "5Client:xmlsec1-devel-0:1.2.9-8.1.1.ia64", "5Client:xmlsec1-devel-0:1.2.9-8.1.1.ppc", "5Client:xmlsec1-devel-0:1.2.9-8.1.1.ppc64", "5Client:xmlsec1-devel-0:1.2.9-8.1.1.s390", "5Client:xmlsec1-devel-0:1.2.9-8.1.1.s390x", "5Client:xmlsec1-devel-0:1.2.9-8.1.1.x86_64", "5Client:xmlsec1-gnutls-0:1.2.9-8.1.1.i386", "5Client:xmlsec1-gnutls-0:1.2.9-8.1.1.ia64", "5Client:xmlsec1-gnutls-0:1.2.9-8.1.1.ppc", "5Client:xmlsec1-gnutls-0:1.2.9-8.1.1.ppc64", "5Client:xmlsec1-gnutls-0:1.2.9-8.1.1.s390", "5Client:xmlsec1-gnutls-0:1.2.9-8.1.1.s390x", "5Client:xmlsec1-gnutls-0:1.2.9-8.1.1.x86_64", "5Client:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.i386", "5Client:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ia64", "5Client:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ppc", "5Client:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ppc64", "5Client:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.s390", "5Client:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.s390x", "5Client:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.x86_64", "5Client:xmlsec1-nss-0:1.2.9-8.1.1.i386", "5Client:xmlsec1-nss-0:1.2.9-8.1.1.ia64", "5Client:xmlsec1-nss-0:1.2.9-8.1.1.ppc", "5Client:xmlsec1-nss-0:1.2.9-8.1.1.ppc64", "5Client:xmlsec1-nss-0:1.2.9-8.1.1.s390", "5Client:xmlsec1-nss-0:1.2.9-8.1.1.s390x", "5Client:xmlsec1-nss-0:1.2.9-8.1.1.x86_64", "5Client:xmlsec1-nss-devel-0:1.2.9-8.1.1.i386", "5Client:xmlsec1-nss-devel-0:1.2.9-8.1.1.ia64", "5Client:xmlsec1-nss-devel-0:1.2.9-8.1.1.ppc", "5Client:xmlsec1-nss-devel-0:1.2.9-8.1.1.ppc64", "5Client:xmlsec1-nss-devel-0:1.2.9-8.1.1.s390", "5Client:xmlsec1-nss-devel-0:1.2.9-8.1.1.s390x", "5Client:xmlsec1-nss-devel-0:1.2.9-8.1.1.x86_64", "5Client:xmlsec1-openssl-0:1.2.9-8.1.1.i386", "5Client:xmlsec1-openssl-0:1.2.9-8.1.1.ia64", "5Client:xmlsec1-openssl-0:1.2.9-8.1.1.ppc", "5Client:xmlsec1-openssl-0:1.2.9-8.1.1.ppc64", "5Client:xmlsec1-openssl-0:1.2.9-8.1.1.s390", "5Client:xmlsec1-openssl-0:1.2.9-8.1.1.s390x", "5Client:xmlsec1-openssl-0:1.2.9-8.1.1.x86_64", "5Client:xmlsec1-openssl-devel-0:1.2.9-8.1.1.i386", "5Client:xmlsec1-openssl-devel-0:1.2.9-8.1.1.ia64", "5Client:xmlsec1-openssl-devel-0:1.2.9-8.1.1.ppc", "5Client:xmlsec1-openssl-devel-0:1.2.9-8.1.1.ppc64", "5Client:xmlsec1-openssl-devel-0:1.2.9-8.1.1.s390", "5Client:xmlsec1-openssl-devel-0:1.2.9-8.1.1.s390x", "5Client:xmlsec1-openssl-devel-0:1.2.9-8.1.1.x86_64", "5Server:xmlsec1-0:1.2.9-8.1.1.i386", "5Server:xmlsec1-0:1.2.9-8.1.1.ia64", "5Server:xmlsec1-0:1.2.9-8.1.1.ppc", "5Server:xmlsec1-0:1.2.9-8.1.1.ppc64", "5Server:xmlsec1-0:1.2.9-8.1.1.s390", "5Server:xmlsec1-0:1.2.9-8.1.1.s390x", "5Server:xmlsec1-0:1.2.9-8.1.1.src", "5Server:xmlsec1-0:1.2.9-8.1.1.x86_64", "5Server:xmlsec1-debuginfo-0:1.2.9-8.1.1.i386", "5Server:xmlsec1-debuginfo-0:1.2.9-8.1.1.ia64", "5Server:xmlsec1-debuginfo-0:1.2.9-8.1.1.ppc", "5Server:xmlsec1-debuginfo-0:1.2.9-8.1.1.ppc64", "5Server:xmlsec1-debuginfo-0:1.2.9-8.1.1.s390", "5Server:xmlsec1-debuginfo-0:1.2.9-8.1.1.s390x", "5Server:xmlsec1-debuginfo-0:1.2.9-8.1.1.x86_64", "5Server:xmlsec1-devel-0:1.2.9-8.1.1.i386", "5Server:xmlsec1-devel-0:1.2.9-8.1.1.ia64", "5Server:xmlsec1-devel-0:1.2.9-8.1.1.ppc", "5Server:xmlsec1-devel-0:1.2.9-8.1.1.ppc64", "5Server:xmlsec1-devel-0:1.2.9-8.1.1.s390", "5Server:xmlsec1-devel-0:1.2.9-8.1.1.s390x", "5Server:xmlsec1-devel-0:1.2.9-8.1.1.x86_64", "5Server:xmlsec1-gnutls-0:1.2.9-8.1.1.i386", "5Server:xmlsec1-gnutls-0:1.2.9-8.1.1.ia64", "5Server:xmlsec1-gnutls-0:1.2.9-8.1.1.ppc", "5Server:xmlsec1-gnutls-0:1.2.9-8.1.1.ppc64", "5Server:xmlsec1-gnutls-0:1.2.9-8.1.1.s390", "5Server:xmlsec1-gnutls-0:1.2.9-8.1.1.s390x", "5Server:xmlsec1-gnutls-0:1.2.9-8.1.1.x86_64", "5Server:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.i386", "5Server:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ia64", "5Server:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ppc", "5Server:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ppc64", "5Server:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.s390", "5Server:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.s390x", "5Server:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.x86_64", "5Server:xmlsec1-nss-0:1.2.9-8.1.1.i386", "5Server:xmlsec1-nss-0:1.2.9-8.1.1.ia64", "5Server:xmlsec1-nss-0:1.2.9-8.1.1.ppc", "5Server:xmlsec1-nss-0:1.2.9-8.1.1.ppc64", "5Server:xmlsec1-nss-0:1.2.9-8.1.1.s390", "5Server:xmlsec1-nss-0:1.2.9-8.1.1.s390x", "5Server:xmlsec1-nss-0:1.2.9-8.1.1.x86_64", "5Server:xmlsec1-nss-devel-0:1.2.9-8.1.1.i386", "5Server:xmlsec1-nss-devel-0:1.2.9-8.1.1.ia64", "5Server:xmlsec1-nss-devel-0:1.2.9-8.1.1.ppc", "5Server:xmlsec1-nss-devel-0:1.2.9-8.1.1.ppc64", "5Server:xmlsec1-nss-devel-0:1.2.9-8.1.1.s390", "5Server:xmlsec1-nss-devel-0:1.2.9-8.1.1.s390x", "5Server:xmlsec1-nss-devel-0:1.2.9-8.1.1.x86_64", "5Server:xmlsec1-openssl-0:1.2.9-8.1.1.i386", "5Server:xmlsec1-openssl-0:1.2.9-8.1.1.ia64", "5Server:xmlsec1-openssl-0:1.2.9-8.1.1.ppc", "5Server:xmlsec1-openssl-0:1.2.9-8.1.1.ppc64", "5Server:xmlsec1-openssl-0:1.2.9-8.1.1.s390", "5Server:xmlsec1-openssl-0:1.2.9-8.1.1.s390x", "5Server:xmlsec1-openssl-0:1.2.9-8.1.1.x86_64", "5Server:xmlsec1-openssl-devel-0:1.2.9-8.1.1.i386", "5Server:xmlsec1-openssl-devel-0:1.2.9-8.1.1.ia64", "5Server:xmlsec1-openssl-devel-0:1.2.9-8.1.1.ppc", "5Server:xmlsec1-openssl-devel-0:1.2.9-8.1.1.ppc64", "5Server:xmlsec1-openssl-devel-0:1.2.9-8.1.1.s390", "5Server:xmlsec1-openssl-devel-0:1.2.9-8.1.1.s390x", "5Server:xmlsec1-openssl-devel-0:1.2.9-8.1.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-0217" }, { "category": "external", "summary": "RHBZ#511915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=511915" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-0217", "url": "https://www.cve.org/CVERecord?id=CVE-2009-0217" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-0217", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0217" } ], "release_date": "2009-07-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-09-08T15:43:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS:xmlsec1-0:1.2.6-3.1.i386", "4AS:xmlsec1-0:1.2.6-3.1.ia64", "4AS:xmlsec1-0:1.2.6-3.1.ppc", "4AS:xmlsec1-0:1.2.6-3.1.ppc64", "4AS:xmlsec1-0:1.2.6-3.1.s390", "4AS:xmlsec1-0:1.2.6-3.1.s390x", "4AS:xmlsec1-0:1.2.6-3.1.src", "4AS:xmlsec1-0:1.2.6-3.1.x86_64", "4AS:xmlsec1-debuginfo-0:1.2.6-3.1.i386", "4AS:xmlsec1-debuginfo-0:1.2.6-3.1.ia64", "4AS:xmlsec1-debuginfo-0:1.2.6-3.1.ppc", "4AS:xmlsec1-debuginfo-0:1.2.6-3.1.ppc64", "4AS:xmlsec1-debuginfo-0:1.2.6-3.1.s390", "4AS:xmlsec1-debuginfo-0:1.2.6-3.1.s390x", "4AS:xmlsec1-debuginfo-0:1.2.6-3.1.x86_64", "4AS:xmlsec1-devel-0:1.2.6-3.1.i386", "4AS:xmlsec1-devel-0:1.2.6-3.1.ia64", "4AS:xmlsec1-devel-0:1.2.6-3.1.ppc", "4AS:xmlsec1-devel-0:1.2.6-3.1.s390", "4AS:xmlsec1-devel-0:1.2.6-3.1.s390x", "4AS:xmlsec1-devel-0:1.2.6-3.1.x86_64", "4AS:xmlsec1-openssl-0:1.2.6-3.1.i386", "4AS:xmlsec1-openssl-0:1.2.6-3.1.ia64", "4AS:xmlsec1-openssl-0:1.2.6-3.1.ppc", "4AS:xmlsec1-openssl-0:1.2.6-3.1.ppc64", "4AS:xmlsec1-openssl-0:1.2.6-3.1.s390", "4AS:xmlsec1-openssl-0:1.2.6-3.1.s390x", "4AS:xmlsec1-openssl-0:1.2.6-3.1.x86_64", "4AS:xmlsec1-openssl-devel-0:1.2.6-3.1.i386", "4AS:xmlsec1-openssl-devel-0:1.2.6-3.1.ia64", "4AS:xmlsec1-openssl-devel-0:1.2.6-3.1.ppc", "4AS:xmlsec1-openssl-devel-0:1.2.6-3.1.s390", "4AS:xmlsec1-openssl-devel-0:1.2.6-3.1.s390x", "4AS:xmlsec1-openssl-devel-0:1.2.6-3.1.x86_64", "4Desktop:xmlsec1-0:1.2.6-3.1.i386", "4Desktop:xmlsec1-0:1.2.6-3.1.ia64", "4Desktop:xmlsec1-0:1.2.6-3.1.ppc", "4Desktop:xmlsec1-0:1.2.6-3.1.ppc64", "4Desktop:xmlsec1-0:1.2.6-3.1.s390", "4Desktop:xmlsec1-0:1.2.6-3.1.s390x", "4Desktop:xmlsec1-0:1.2.6-3.1.src", "4Desktop:xmlsec1-0:1.2.6-3.1.x86_64", "4Desktop:xmlsec1-debuginfo-0:1.2.6-3.1.i386", "4Desktop:xmlsec1-debuginfo-0:1.2.6-3.1.ia64", "4Desktop:xmlsec1-debuginfo-0:1.2.6-3.1.ppc", "4Desktop:xmlsec1-debuginfo-0:1.2.6-3.1.ppc64", "4Desktop:xmlsec1-debuginfo-0:1.2.6-3.1.s390", "4Desktop:xmlsec1-debuginfo-0:1.2.6-3.1.s390x", "4Desktop:xmlsec1-debuginfo-0:1.2.6-3.1.x86_64", "4Desktop:xmlsec1-devel-0:1.2.6-3.1.i386", "4Desktop:xmlsec1-devel-0:1.2.6-3.1.ia64", "4Desktop:xmlsec1-devel-0:1.2.6-3.1.ppc", "4Desktop:xmlsec1-devel-0:1.2.6-3.1.s390", "4Desktop:xmlsec1-devel-0:1.2.6-3.1.s390x", "4Desktop:xmlsec1-devel-0:1.2.6-3.1.x86_64", "4Desktop:xmlsec1-openssl-0:1.2.6-3.1.i386", "4Desktop:xmlsec1-openssl-0:1.2.6-3.1.ia64", "4Desktop:xmlsec1-openssl-0:1.2.6-3.1.ppc", "4Desktop:xmlsec1-openssl-0:1.2.6-3.1.ppc64", "4Desktop:xmlsec1-openssl-0:1.2.6-3.1.s390", "4Desktop:xmlsec1-openssl-0:1.2.6-3.1.s390x", "4Desktop:xmlsec1-openssl-0:1.2.6-3.1.x86_64", "4Desktop:xmlsec1-openssl-devel-0:1.2.6-3.1.i386", "4Desktop:xmlsec1-openssl-devel-0:1.2.6-3.1.ia64", "4Desktop:xmlsec1-openssl-devel-0:1.2.6-3.1.ppc", "4Desktop:xmlsec1-openssl-devel-0:1.2.6-3.1.s390", "4Desktop:xmlsec1-openssl-devel-0:1.2.6-3.1.s390x", "4Desktop:xmlsec1-openssl-devel-0:1.2.6-3.1.x86_64", "4ES:xmlsec1-0:1.2.6-3.1.i386", "4ES:xmlsec1-0:1.2.6-3.1.ia64", "4ES:xmlsec1-0:1.2.6-3.1.ppc", "4ES:xmlsec1-0:1.2.6-3.1.ppc64", "4ES:xmlsec1-0:1.2.6-3.1.s390", "4ES:xmlsec1-0:1.2.6-3.1.s390x", "4ES:xmlsec1-0:1.2.6-3.1.src", "4ES:xmlsec1-0:1.2.6-3.1.x86_64", "4ES:xmlsec1-debuginfo-0:1.2.6-3.1.i386", "4ES:xmlsec1-debuginfo-0:1.2.6-3.1.ia64", "4ES:xmlsec1-debuginfo-0:1.2.6-3.1.ppc", "4ES:xmlsec1-debuginfo-0:1.2.6-3.1.ppc64", "4ES:xmlsec1-debuginfo-0:1.2.6-3.1.s390", "4ES:xmlsec1-debuginfo-0:1.2.6-3.1.s390x", "4ES:xmlsec1-debuginfo-0:1.2.6-3.1.x86_64", "4ES:xmlsec1-devel-0:1.2.6-3.1.i386", "4ES:xmlsec1-devel-0:1.2.6-3.1.ia64", "4ES:xmlsec1-devel-0:1.2.6-3.1.ppc", "4ES:xmlsec1-devel-0:1.2.6-3.1.s390", "4ES:xmlsec1-devel-0:1.2.6-3.1.s390x", "4ES:xmlsec1-devel-0:1.2.6-3.1.x86_64", "4ES:xmlsec1-openssl-0:1.2.6-3.1.i386", "4ES:xmlsec1-openssl-0:1.2.6-3.1.ia64", "4ES:xmlsec1-openssl-0:1.2.6-3.1.ppc", "4ES:xmlsec1-openssl-0:1.2.6-3.1.ppc64", "4ES:xmlsec1-openssl-0:1.2.6-3.1.s390", "4ES:xmlsec1-openssl-0:1.2.6-3.1.s390x", "4ES:xmlsec1-openssl-0:1.2.6-3.1.x86_64", "4ES:xmlsec1-openssl-devel-0:1.2.6-3.1.i386", "4ES:xmlsec1-openssl-devel-0:1.2.6-3.1.ia64", "4ES:xmlsec1-openssl-devel-0:1.2.6-3.1.ppc", "4ES:xmlsec1-openssl-devel-0:1.2.6-3.1.s390", "4ES:xmlsec1-openssl-devel-0:1.2.6-3.1.s390x", "4ES:xmlsec1-openssl-devel-0:1.2.6-3.1.x86_64", "4WS:xmlsec1-0:1.2.6-3.1.i386", "4WS:xmlsec1-0:1.2.6-3.1.ia64", "4WS:xmlsec1-0:1.2.6-3.1.ppc", "4WS:xmlsec1-0:1.2.6-3.1.ppc64", "4WS:xmlsec1-0:1.2.6-3.1.s390", "4WS:xmlsec1-0:1.2.6-3.1.s390x", "4WS:xmlsec1-0:1.2.6-3.1.src", "4WS:xmlsec1-0:1.2.6-3.1.x86_64", "4WS:xmlsec1-debuginfo-0:1.2.6-3.1.i386", "4WS:xmlsec1-debuginfo-0:1.2.6-3.1.ia64", "4WS:xmlsec1-debuginfo-0:1.2.6-3.1.ppc", "4WS:xmlsec1-debuginfo-0:1.2.6-3.1.ppc64", "4WS:xmlsec1-debuginfo-0:1.2.6-3.1.s390", "4WS:xmlsec1-debuginfo-0:1.2.6-3.1.s390x", "4WS:xmlsec1-debuginfo-0:1.2.6-3.1.x86_64", "4WS:xmlsec1-devel-0:1.2.6-3.1.i386", "4WS:xmlsec1-devel-0:1.2.6-3.1.ia64", "4WS:xmlsec1-devel-0:1.2.6-3.1.ppc", "4WS:xmlsec1-devel-0:1.2.6-3.1.s390", "4WS:xmlsec1-devel-0:1.2.6-3.1.s390x", "4WS:xmlsec1-devel-0:1.2.6-3.1.x86_64", "4WS:xmlsec1-openssl-0:1.2.6-3.1.i386", "4WS:xmlsec1-openssl-0:1.2.6-3.1.ia64", "4WS:xmlsec1-openssl-0:1.2.6-3.1.ppc", "4WS:xmlsec1-openssl-0:1.2.6-3.1.ppc64", "4WS:xmlsec1-openssl-0:1.2.6-3.1.s390", "4WS:xmlsec1-openssl-0:1.2.6-3.1.s390x", "4WS:xmlsec1-openssl-0:1.2.6-3.1.x86_64", "4WS:xmlsec1-openssl-devel-0:1.2.6-3.1.i386", "4WS:xmlsec1-openssl-devel-0:1.2.6-3.1.ia64", "4WS:xmlsec1-openssl-devel-0:1.2.6-3.1.ppc", "4WS:xmlsec1-openssl-devel-0:1.2.6-3.1.s390", "4WS:xmlsec1-openssl-devel-0:1.2.6-3.1.s390x", "4WS:xmlsec1-openssl-devel-0:1.2.6-3.1.x86_64", "5Client-Workstation:xmlsec1-0:1.2.9-8.1.1.i386", "5Client-Workstation:xmlsec1-0:1.2.9-8.1.1.ia64", "5Client-Workstation:xmlsec1-0:1.2.9-8.1.1.ppc", "5Client-Workstation:xmlsec1-0:1.2.9-8.1.1.ppc64", "5Client-Workstation:xmlsec1-0:1.2.9-8.1.1.s390", "5Client-Workstation:xmlsec1-0:1.2.9-8.1.1.s390x", "5Client-Workstation:xmlsec1-0:1.2.9-8.1.1.src", "5Client-Workstation:xmlsec1-0:1.2.9-8.1.1.x86_64", "5Client-Workstation:xmlsec1-debuginfo-0:1.2.9-8.1.1.i386", "5Client-Workstation:xmlsec1-debuginfo-0:1.2.9-8.1.1.ia64", "5Client-Workstation:xmlsec1-debuginfo-0:1.2.9-8.1.1.ppc", "5Client-Workstation:xmlsec1-debuginfo-0:1.2.9-8.1.1.ppc64", "5Client-Workstation:xmlsec1-debuginfo-0:1.2.9-8.1.1.s390", "5Client-Workstation:xmlsec1-debuginfo-0:1.2.9-8.1.1.s390x", "5Client-Workstation:xmlsec1-debuginfo-0:1.2.9-8.1.1.x86_64", "5Client-Workstation:xmlsec1-devel-0:1.2.9-8.1.1.i386", "5Client-Workstation:xmlsec1-devel-0:1.2.9-8.1.1.ia64", "5Client-Workstation:xmlsec1-devel-0:1.2.9-8.1.1.ppc", "5Client-Workstation:xmlsec1-devel-0:1.2.9-8.1.1.ppc64", "5Client-Workstation:xmlsec1-devel-0:1.2.9-8.1.1.s390", "5Client-Workstation:xmlsec1-devel-0:1.2.9-8.1.1.s390x", "5Client-Workstation:xmlsec1-devel-0:1.2.9-8.1.1.x86_64", "5Client-Workstation:xmlsec1-gnutls-0:1.2.9-8.1.1.i386", "5Client-Workstation:xmlsec1-gnutls-0:1.2.9-8.1.1.ia64", "5Client-Workstation:xmlsec1-gnutls-0:1.2.9-8.1.1.ppc", "5Client-Workstation:xmlsec1-gnutls-0:1.2.9-8.1.1.ppc64", "5Client-Workstation:xmlsec1-gnutls-0:1.2.9-8.1.1.s390", "5Client-Workstation:xmlsec1-gnutls-0:1.2.9-8.1.1.s390x", "5Client-Workstation:xmlsec1-gnutls-0:1.2.9-8.1.1.x86_64", "5Client-Workstation:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.i386", "5Client-Workstation:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ia64", "5Client-Workstation:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ppc", "5Client-Workstation:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ppc64", "5Client-Workstation:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.s390", "5Client-Workstation:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.s390x", "5Client-Workstation:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.x86_64", "5Client-Workstation:xmlsec1-nss-0:1.2.9-8.1.1.i386", "5Client-Workstation:xmlsec1-nss-0:1.2.9-8.1.1.ia64", "5Client-Workstation:xmlsec1-nss-0:1.2.9-8.1.1.ppc", "5Client-Workstation:xmlsec1-nss-0:1.2.9-8.1.1.ppc64", "5Client-Workstation:xmlsec1-nss-0:1.2.9-8.1.1.s390", "5Client-Workstation:xmlsec1-nss-0:1.2.9-8.1.1.s390x", "5Client-Workstation:xmlsec1-nss-0:1.2.9-8.1.1.x86_64", "5Client-Workstation:xmlsec1-nss-devel-0:1.2.9-8.1.1.i386", "5Client-Workstation:xmlsec1-nss-devel-0:1.2.9-8.1.1.ia64", "5Client-Workstation:xmlsec1-nss-devel-0:1.2.9-8.1.1.ppc", "5Client-Workstation:xmlsec1-nss-devel-0:1.2.9-8.1.1.ppc64", "5Client-Workstation:xmlsec1-nss-devel-0:1.2.9-8.1.1.s390", "5Client-Workstation:xmlsec1-nss-devel-0:1.2.9-8.1.1.s390x", "5Client-Workstation:xmlsec1-nss-devel-0:1.2.9-8.1.1.x86_64", "5Client-Workstation:xmlsec1-openssl-0:1.2.9-8.1.1.i386", "5Client-Workstation:xmlsec1-openssl-0:1.2.9-8.1.1.ia64", "5Client-Workstation:xmlsec1-openssl-0:1.2.9-8.1.1.ppc", "5Client-Workstation:xmlsec1-openssl-0:1.2.9-8.1.1.ppc64", "5Client-Workstation:xmlsec1-openssl-0:1.2.9-8.1.1.s390", "5Client-Workstation:xmlsec1-openssl-0:1.2.9-8.1.1.s390x", "5Client-Workstation:xmlsec1-openssl-0:1.2.9-8.1.1.x86_64", "5Client-Workstation:xmlsec1-openssl-devel-0:1.2.9-8.1.1.i386", "5Client-Workstation:xmlsec1-openssl-devel-0:1.2.9-8.1.1.ia64", "5Client-Workstation:xmlsec1-openssl-devel-0:1.2.9-8.1.1.ppc", "5Client-Workstation:xmlsec1-openssl-devel-0:1.2.9-8.1.1.ppc64", "5Client-Workstation:xmlsec1-openssl-devel-0:1.2.9-8.1.1.s390", "5Client-Workstation:xmlsec1-openssl-devel-0:1.2.9-8.1.1.s390x", "5Client-Workstation:xmlsec1-openssl-devel-0:1.2.9-8.1.1.x86_64", "5Client:xmlsec1-0:1.2.9-8.1.1.i386", "5Client:xmlsec1-0:1.2.9-8.1.1.ia64", "5Client:xmlsec1-0:1.2.9-8.1.1.ppc", "5Client:xmlsec1-0:1.2.9-8.1.1.ppc64", "5Client:xmlsec1-0:1.2.9-8.1.1.s390", "5Client:xmlsec1-0:1.2.9-8.1.1.s390x", "5Client:xmlsec1-0:1.2.9-8.1.1.src", "5Client:xmlsec1-0:1.2.9-8.1.1.x86_64", "5Client:xmlsec1-debuginfo-0:1.2.9-8.1.1.i386", "5Client:xmlsec1-debuginfo-0:1.2.9-8.1.1.ia64", "5Client:xmlsec1-debuginfo-0:1.2.9-8.1.1.ppc", "5Client:xmlsec1-debuginfo-0:1.2.9-8.1.1.ppc64", "5Client:xmlsec1-debuginfo-0:1.2.9-8.1.1.s390", "5Client:xmlsec1-debuginfo-0:1.2.9-8.1.1.s390x", "5Client:xmlsec1-debuginfo-0:1.2.9-8.1.1.x86_64", "5Client:xmlsec1-devel-0:1.2.9-8.1.1.i386", "5Client:xmlsec1-devel-0:1.2.9-8.1.1.ia64", "5Client:xmlsec1-devel-0:1.2.9-8.1.1.ppc", "5Client:xmlsec1-devel-0:1.2.9-8.1.1.ppc64", "5Client:xmlsec1-devel-0:1.2.9-8.1.1.s390", "5Client:xmlsec1-devel-0:1.2.9-8.1.1.s390x", "5Client:xmlsec1-devel-0:1.2.9-8.1.1.x86_64", "5Client:xmlsec1-gnutls-0:1.2.9-8.1.1.i386", "5Client:xmlsec1-gnutls-0:1.2.9-8.1.1.ia64", "5Client:xmlsec1-gnutls-0:1.2.9-8.1.1.ppc", "5Client:xmlsec1-gnutls-0:1.2.9-8.1.1.ppc64", "5Client:xmlsec1-gnutls-0:1.2.9-8.1.1.s390", "5Client:xmlsec1-gnutls-0:1.2.9-8.1.1.s390x", "5Client:xmlsec1-gnutls-0:1.2.9-8.1.1.x86_64", "5Client:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.i386", "5Client:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ia64", "5Client:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ppc", "5Client:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ppc64", "5Client:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.s390", "5Client:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.s390x", "5Client:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.x86_64", "5Client:xmlsec1-nss-0:1.2.9-8.1.1.i386", "5Client:xmlsec1-nss-0:1.2.9-8.1.1.ia64", "5Client:xmlsec1-nss-0:1.2.9-8.1.1.ppc", "5Client:xmlsec1-nss-0:1.2.9-8.1.1.ppc64", "5Client:xmlsec1-nss-0:1.2.9-8.1.1.s390", "5Client:xmlsec1-nss-0:1.2.9-8.1.1.s390x", "5Client:xmlsec1-nss-0:1.2.9-8.1.1.x86_64", "5Client:xmlsec1-nss-devel-0:1.2.9-8.1.1.i386", "5Client:xmlsec1-nss-devel-0:1.2.9-8.1.1.ia64", "5Client:xmlsec1-nss-devel-0:1.2.9-8.1.1.ppc", "5Client:xmlsec1-nss-devel-0:1.2.9-8.1.1.ppc64", "5Client:xmlsec1-nss-devel-0:1.2.9-8.1.1.s390", "5Client:xmlsec1-nss-devel-0:1.2.9-8.1.1.s390x", "5Client:xmlsec1-nss-devel-0:1.2.9-8.1.1.x86_64", "5Client:xmlsec1-openssl-0:1.2.9-8.1.1.i386", "5Client:xmlsec1-openssl-0:1.2.9-8.1.1.ia64", "5Client:xmlsec1-openssl-0:1.2.9-8.1.1.ppc", "5Client:xmlsec1-openssl-0:1.2.9-8.1.1.ppc64", "5Client:xmlsec1-openssl-0:1.2.9-8.1.1.s390", "5Client:xmlsec1-openssl-0:1.2.9-8.1.1.s390x", "5Client:xmlsec1-openssl-0:1.2.9-8.1.1.x86_64", "5Client:xmlsec1-openssl-devel-0:1.2.9-8.1.1.i386", "5Client:xmlsec1-openssl-devel-0:1.2.9-8.1.1.ia64", "5Client:xmlsec1-openssl-devel-0:1.2.9-8.1.1.ppc", "5Client:xmlsec1-openssl-devel-0:1.2.9-8.1.1.ppc64", "5Client:xmlsec1-openssl-devel-0:1.2.9-8.1.1.s390", "5Client:xmlsec1-openssl-devel-0:1.2.9-8.1.1.s390x", "5Client:xmlsec1-openssl-devel-0:1.2.9-8.1.1.x86_64", "5Server:xmlsec1-0:1.2.9-8.1.1.i386", "5Server:xmlsec1-0:1.2.9-8.1.1.ia64", "5Server:xmlsec1-0:1.2.9-8.1.1.ppc", "5Server:xmlsec1-0:1.2.9-8.1.1.ppc64", "5Server:xmlsec1-0:1.2.9-8.1.1.s390", "5Server:xmlsec1-0:1.2.9-8.1.1.s390x", "5Server:xmlsec1-0:1.2.9-8.1.1.src", "5Server:xmlsec1-0:1.2.9-8.1.1.x86_64", "5Server:xmlsec1-debuginfo-0:1.2.9-8.1.1.i386", "5Server:xmlsec1-debuginfo-0:1.2.9-8.1.1.ia64", "5Server:xmlsec1-debuginfo-0:1.2.9-8.1.1.ppc", "5Server:xmlsec1-debuginfo-0:1.2.9-8.1.1.ppc64", "5Server:xmlsec1-debuginfo-0:1.2.9-8.1.1.s390", "5Server:xmlsec1-debuginfo-0:1.2.9-8.1.1.s390x", "5Server:xmlsec1-debuginfo-0:1.2.9-8.1.1.x86_64", "5Server:xmlsec1-devel-0:1.2.9-8.1.1.i386", "5Server:xmlsec1-devel-0:1.2.9-8.1.1.ia64", "5Server:xmlsec1-devel-0:1.2.9-8.1.1.ppc", "5Server:xmlsec1-devel-0:1.2.9-8.1.1.ppc64", "5Server:xmlsec1-devel-0:1.2.9-8.1.1.s390", "5Server:xmlsec1-devel-0:1.2.9-8.1.1.s390x", "5Server:xmlsec1-devel-0:1.2.9-8.1.1.x86_64", "5Server:xmlsec1-gnutls-0:1.2.9-8.1.1.i386", "5Server:xmlsec1-gnutls-0:1.2.9-8.1.1.ia64", "5Server:xmlsec1-gnutls-0:1.2.9-8.1.1.ppc", "5Server:xmlsec1-gnutls-0:1.2.9-8.1.1.ppc64", "5Server:xmlsec1-gnutls-0:1.2.9-8.1.1.s390", "5Server:xmlsec1-gnutls-0:1.2.9-8.1.1.s390x", "5Server:xmlsec1-gnutls-0:1.2.9-8.1.1.x86_64", "5Server:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.i386", "5Server:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ia64", "5Server:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ppc", "5Server:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ppc64", "5Server:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.s390", "5Server:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.s390x", "5Server:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.x86_64", "5Server:xmlsec1-nss-0:1.2.9-8.1.1.i386", "5Server:xmlsec1-nss-0:1.2.9-8.1.1.ia64", "5Server:xmlsec1-nss-0:1.2.9-8.1.1.ppc", "5Server:xmlsec1-nss-0:1.2.9-8.1.1.ppc64", "5Server:xmlsec1-nss-0:1.2.9-8.1.1.s390", "5Server:xmlsec1-nss-0:1.2.9-8.1.1.s390x", "5Server:xmlsec1-nss-0:1.2.9-8.1.1.x86_64", "5Server:xmlsec1-nss-devel-0:1.2.9-8.1.1.i386", "5Server:xmlsec1-nss-devel-0:1.2.9-8.1.1.ia64", "5Server:xmlsec1-nss-devel-0:1.2.9-8.1.1.ppc", "5Server:xmlsec1-nss-devel-0:1.2.9-8.1.1.ppc64", "5Server:xmlsec1-nss-devel-0:1.2.9-8.1.1.s390", "5Server:xmlsec1-nss-devel-0:1.2.9-8.1.1.s390x", "5Server:xmlsec1-nss-devel-0:1.2.9-8.1.1.x86_64", "5Server:xmlsec1-openssl-0:1.2.9-8.1.1.i386", "5Server:xmlsec1-openssl-0:1.2.9-8.1.1.ia64", "5Server:xmlsec1-openssl-0:1.2.9-8.1.1.ppc", "5Server:xmlsec1-openssl-0:1.2.9-8.1.1.ppc64", "5Server:xmlsec1-openssl-0:1.2.9-8.1.1.s390", "5Server:xmlsec1-openssl-0:1.2.9-8.1.1.s390x", "5Server:xmlsec1-openssl-0:1.2.9-8.1.1.x86_64", "5Server:xmlsec1-openssl-devel-0:1.2.9-8.1.1.i386", "5Server:xmlsec1-openssl-devel-0:1.2.9-8.1.1.ia64", "5Server:xmlsec1-openssl-devel-0:1.2.9-8.1.1.ppc", "5Server:xmlsec1-openssl-devel-0:1.2.9-8.1.1.ppc64", "5Server:xmlsec1-openssl-devel-0:1.2.9-8.1.1.s390", "5Server:xmlsec1-openssl-devel-0:1.2.9-8.1.1.s390x", "5Server:xmlsec1-openssl-devel-0:1.2.9-8.1.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1428" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "4AS:xmlsec1-0:1.2.6-3.1.i386", "4AS:xmlsec1-0:1.2.6-3.1.ia64", "4AS:xmlsec1-0:1.2.6-3.1.ppc", "4AS:xmlsec1-0:1.2.6-3.1.ppc64", "4AS:xmlsec1-0:1.2.6-3.1.s390", "4AS:xmlsec1-0:1.2.6-3.1.s390x", "4AS:xmlsec1-0:1.2.6-3.1.src", "4AS:xmlsec1-0:1.2.6-3.1.x86_64", "4AS:xmlsec1-debuginfo-0:1.2.6-3.1.i386", "4AS:xmlsec1-debuginfo-0:1.2.6-3.1.ia64", "4AS:xmlsec1-debuginfo-0:1.2.6-3.1.ppc", "4AS:xmlsec1-debuginfo-0:1.2.6-3.1.ppc64", "4AS:xmlsec1-debuginfo-0:1.2.6-3.1.s390", "4AS:xmlsec1-debuginfo-0:1.2.6-3.1.s390x", "4AS:xmlsec1-debuginfo-0:1.2.6-3.1.x86_64", "4AS:xmlsec1-devel-0:1.2.6-3.1.i386", "4AS:xmlsec1-devel-0:1.2.6-3.1.ia64", "4AS:xmlsec1-devel-0:1.2.6-3.1.ppc", "4AS:xmlsec1-devel-0:1.2.6-3.1.s390", "4AS:xmlsec1-devel-0:1.2.6-3.1.s390x", "4AS:xmlsec1-devel-0:1.2.6-3.1.x86_64", "4AS:xmlsec1-openssl-0:1.2.6-3.1.i386", "4AS:xmlsec1-openssl-0:1.2.6-3.1.ia64", "4AS:xmlsec1-openssl-0:1.2.6-3.1.ppc", "4AS:xmlsec1-openssl-0:1.2.6-3.1.ppc64", "4AS:xmlsec1-openssl-0:1.2.6-3.1.s390", "4AS:xmlsec1-openssl-0:1.2.6-3.1.s390x", "4AS:xmlsec1-openssl-0:1.2.6-3.1.x86_64", "4AS:xmlsec1-openssl-devel-0:1.2.6-3.1.i386", "4AS:xmlsec1-openssl-devel-0:1.2.6-3.1.ia64", "4AS:xmlsec1-openssl-devel-0:1.2.6-3.1.ppc", "4AS:xmlsec1-openssl-devel-0:1.2.6-3.1.s390", "4AS:xmlsec1-openssl-devel-0:1.2.6-3.1.s390x", "4AS:xmlsec1-openssl-devel-0:1.2.6-3.1.x86_64", "4Desktop:xmlsec1-0:1.2.6-3.1.i386", "4Desktop:xmlsec1-0:1.2.6-3.1.ia64", "4Desktop:xmlsec1-0:1.2.6-3.1.ppc", "4Desktop:xmlsec1-0:1.2.6-3.1.ppc64", "4Desktop:xmlsec1-0:1.2.6-3.1.s390", "4Desktop:xmlsec1-0:1.2.6-3.1.s390x", "4Desktop:xmlsec1-0:1.2.6-3.1.src", "4Desktop:xmlsec1-0:1.2.6-3.1.x86_64", "4Desktop:xmlsec1-debuginfo-0:1.2.6-3.1.i386", "4Desktop:xmlsec1-debuginfo-0:1.2.6-3.1.ia64", "4Desktop:xmlsec1-debuginfo-0:1.2.6-3.1.ppc", "4Desktop:xmlsec1-debuginfo-0:1.2.6-3.1.ppc64", "4Desktop:xmlsec1-debuginfo-0:1.2.6-3.1.s390", "4Desktop:xmlsec1-debuginfo-0:1.2.6-3.1.s390x", "4Desktop:xmlsec1-debuginfo-0:1.2.6-3.1.x86_64", "4Desktop:xmlsec1-devel-0:1.2.6-3.1.i386", "4Desktop:xmlsec1-devel-0:1.2.6-3.1.ia64", "4Desktop:xmlsec1-devel-0:1.2.6-3.1.ppc", "4Desktop:xmlsec1-devel-0:1.2.6-3.1.s390", "4Desktop:xmlsec1-devel-0:1.2.6-3.1.s390x", "4Desktop:xmlsec1-devel-0:1.2.6-3.1.x86_64", "4Desktop:xmlsec1-openssl-0:1.2.6-3.1.i386", "4Desktop:xmlsec1-openssl-0:1.2.6-3.1.ia64", "4Desktop:xmlsec1-openssl-0:1.2.6-3.1.ppc", "4Desktop:xmlsec1-openssl-0:1.2.6-3.1.ppc64", "4Desktop:xmlsec1-openssl-0:1.2.6-3.1.s390", "4Desktop:xmlsec1-openssl-0:1.2.6-3.1.s390x", "4Desktop:xmlsec1-openssl-0:1.2.6-3.1.x86_64", "4Desktop:xmlsec1-openssl-devel-0:1.2.6-3.1.i386", "4Desktop:xmlsec1-openssl-devel-0:1.2.6-3.1.ia64", "4Desktop:xmlsec1-openssl-devel-0:1.2.6-3.1.ppc", "4Desktop:xmlsec1-openssl-devel-0:1.2.6-3.1.s390", "4Desktop:xmlsec1-openssl-devel-0:1.2.6-3.1.s390x", "4Desktop:xmlsec1-openssl-devel-0:1.2.6-3.1.x86_64", "4ES:xmlsec1-0:1.2.6-3.1.i386", "4ES:xmlsec1-0:1.2.6-3.1.ia64", "4ES:xmlsec1-0:1.2.6-3.1.ppc", "4ES:xmlsec1-0:1.2.6-3.1.ppc64", "4ES:xmlsec1-0:1.2.6-3.1.s390", "4ES:xmlsec1-0:1.2.6-3.1.s390x", "4ES:xmlsec1-0:1.2.6-3.1.src", "4ES:xmlsec1-0:1.2.6-3.1.x86_64", "4ES:xmlsec1-debuginfo-0:1.2.6-3.1.i386", "4ES:xmlsec1-debuginfo-0:1.2.6-3.1.ia64", "4ES:xmlsec1-debuginfo-0:1.2.6-3.1.ppc", "4ES:xmlsec1-debuginfo-0:1.2.6-3.1.ppc64", "4ES:xmlsec1-debuginfo-0:1.2.6-3.1.s390", "4ES:xmlsec1-debuginfo-0:1.2.6-3.1.s390x", "4ES:xmlsec1-debuginfo-0:1.2.6-3.1.x86_64", "4ES:xmlsec1-devel-0:1.2.6-3.1.i386", "4ES:xmlsec1-devel-0:1.2.6-3.1.ia64", "4ES:xmlsec1-devel-0:1.2.6-3.1.ppc", "4ES:xmlsec1-devel-0:1.2.6-3.1.s390", "4ES:xmlsec1-devel-0:1.2.6-3.1.s390x", "4ES:xmlsec1-devel-0:1.2.6-3.1.x86_64", "4ES:xmlsec1-openssl-0:1.2.6-3.1.i386", "4ES:xmlsec1-openssl-0:1.2.6-3.1.ia64", "4ES:xmlsec1-openssl-0:1.2.6-3.1.ppc", "4ES:xmlsec1-openssl-0:1.2.6-3.1.ppc64", "4ES:xmlsec1-openssl-0:1.2.6-3.1.s390", "4ES:xmlsec1-openssl-0:1.2.6-3.1.s390x", "4ES:xmlsec1-openssl-0:1.2.6-3.1.x86_64", "4ES:xmlsec1-openssl-devel-0:1.2.6-3.1.i386", "4ES:xmlsec1-openssl-devel-0:1.2.6-3.1.ia64", "4ES:xmlsec1-openssl-devel-0:1.2.6-3.1.ppc", "4ES:xmlsec1-openssl-devel-0:1.2.6-3.1.s390", "4ES:xmlsec1-openssl-devel-0:1.2.6-3.1.s390x", "4ES:xmlsec1-openssl-devel-0:1.2.6-3.1.x86_64", "4WS:xmlsec1-0:1.2.6-3.1.i386", "4WS:xmlsec1-0:1.2.6-3.1.ia64", "4WS:xmlsec1-0:1.2.6-3.1.ppc", "4WS:xmlsec1-0:1.2.6-3.1.ppc64", "4WS:xmlsec1-0:1.2.6-3.1.s390", "4WS:xmlsec1-0:1.2.6-3.1.s390x", "4WS:xmlsec1-0:1.2.6-3.1.src", "4WS:xmlsec1-0:1.2.6-3.1.x86_64", "4WS:xmlsec1-debuginfo-0:1.2.6-3.1.i386", "4WS:xmlsec1-debuginfo-0:1.2.6-3.1.ia64", "4WS:xmlsec1-debuginfo-0:1.2.6-3.1.ppc", "4WS:xmlsec1-debuginfo-0:1.2.6-3.1.ppc64", "4WS:xmlsec1-debuginfo-0:1.2.6-3.1.s390", "4WS:xmlsec1-debuginfo-0:1.2.6-3.1.s390x", "4WS:xmlsec1-debuginfo-0:1.2.6-3.1.x86_64", "4WS:xmlsec1-devel-0:1.2.6-3.1.i386", "4WS:xmlsec1-devel-0:1.2.6-3.1.ia64", "4WS:xmlsec1-devel-0:1.2.6-3.1.ppc", "4WS:xmlsec1-devel-0:1.2.6-3.1.s390", "4WS:xmlsec1-devel-0:1.2.6-3.1.s390x", "4WS:xmlsec1-devel-0:1.2.6-3.1.x86_64", "4WS:xmlsec1-openssl-0:1.2.6-3.1.i386", "4WS:xmlsec1-openssl-0:1.2.6-3.1.ia64", "4WS:xmlsec1-openssl-0:1.2.6-3.1.ppc", "4WS:xmlsec1-openssl-0:1.2.6-3.1.ppc64", "4WS:xmlsec1-openssl-0:1.2.6-3.1.s390", "4WS:xmlsec1-openssl-0:1.2.6-3.1.s390x", "4WS:xmlsec1-openssl-0:1.2.6-3.1.x86_64", "4WS:xmlsec1-openssl-devel-0:1.2.6-3.1.i386", "4WS:xmlsec1-openssl-devel-0:1.2.6-3.1.ia64", "4WS:xmlsec1-openssl-devel-0:1.2.6-3.1.ppc", "4WS:xmlsec1-openssl-devel-0:1.2.6-3.1.s390", "4WS:xmlsec1-openssl-devel-0:1.2.6-3.1.s390x", "4WS:xmlsec1-openssl-devel-0:1.2.6-3.1.x86_64", "5Client-Workstation:xmlsec1-0:1.2.9-8.1.1.i386", "5Client-Workstation:xmlsec1-0:1.2.9-8.1.1.ia64", "5Client-Workstation:xmlsec1-0:1.2.9-8.1.1.ppc", "5Client-Workstation:xmlsec1-0:1.2.9-8.1.1.ppc64", "5Client-Workstation:xmlsec1-0:1.2.9-8.1.1.s390", "5Client-Workstation:xmlsec1-0:1.2.9-8.1.1.s390x", "5Client-Workstation:xmlsec1-0:1.2.9-8.1.1.src", "5Client-Workstation:xmlsec1-0:1.2.9-8.1.1.x86_64", "5Client-Workstation:xmlsec1-debuginfo-0:1.2.9-8.1.1.i386", "5Client-Workstation:xmlsec1-debuginfo-0:1.2.9-8.1.1.ia64", "5Client-Workstation:xmlsec1-debuginfo-0:1.2.9-8.1.1.ppc", "5Client-Workstation:xmlsec1-debuginfo-0:1.2.9-8.1.1.ppc64", "5Client-Workstation:xmlsec1-debuginfo-0:1.2.9-8.1.1.s390", "5Client-Workstation:xmlsec1-debuginfo-0:1.2.9-8.1.1.s390x", "5Client-Workstation:xmlsec1-debuginfo-0:1.2.9-8.1.1.x86_64", "5Client-Workstation:xmlsec1-devel-0:1.2.9-8.1.1.i386", "5Client-Workstation:xmlsec1-devel-0:1.2.9-8.1.1.ia64", "5Client-Workstation:xmlsec1-devel-0:1.2.9-8.1.1.ppc", "5Client-Workstation:xmlsec1-devel-0:1.2.9-8.1.1.ppc64", "5Client-Workstation:xmlsec1-devel-0:1.2.9-8.1.1.s390", "5Client-Workstation:xmlsec1-devel-0:1.2.9-8.1.1.s390x", "5Client-Workstation:xmlsec1-devel-0:1.2.9-8.1.1.x86_64", "5Client-Workstation:xmlsec1-gnutls-0:1.2.9-8.1.1.i386", "5Client-Workstation:xmlsec1-gnutls-0:1.2.9-8.1.1.ia64", "5Client-Workstation:xmlsec1-gnutls-0:1.2.9-8.1.1.ppc", "5Client-Workstation:xmlsec1-gnutls-0:1.2.9-8.1.1.ppc64", "5Client-Workstation:xmlsec1-gnutls-0:1.2.9-8.1.1.s390", "5Client-Workstation:xmlsec1-gnutls-0:1.2.9-8.1.1.s390x", "5Client-Workstation:xmlsec1-gnutls-0:1.2.9-8.1.1.x86_64", "5Client-Workstation:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.i386", "5Client-Workstation:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ia64", "5Client-Workstation:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ppc", "5Client-Workstation:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ppc64", "5Client-Workstation:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.s390", "5Client-Workstation:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.s390x", "5Client-Workstation:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.x86_64", "5Client-Workstation:xmlsec1-nss-0:1.2.9-8.1.1.i386", "5Client-Workstation:xmlsec1-nss-0:1.2.9-8.1.1.ia64", "5Client-Workstation:xmlsec1-nss-0:1.2.9-8.1.1.ppc", "5Client-Workstation:xmlsec1-nss-0:1.2.9-8.1.1.ppc64", "5Client-Workstation:xmlsec1-nss-0:1.2.9-8.1.1.s390", "5Client-Workstation:xmlsec1-nss-0:1.2.9-8.1.1.s390x", "5Client-Workstation:xmlsec1-nss-0:1.2.9-8.1.1.x86_64", "5Client-Workstation:xmlsec1-nss-devel-0:1.2.9-8.1.1.i386", "5Client-Workstation:xmlsec1-nss-devel-0:1.2.9-8.1.1.ia64", "5Client-Workstation:xmlsec1-nss-devel-0:1.2.9-8.1.1.ppc", "5Client-Workstation:xmlsec1-nss-devel-0:1.2.9-8.1.1.ppc64", "5Client-Workstation:xmlsec1-nss-devel-0:1.2.9-8.1.1.s390", "5Client-Workstation:xmlsec1-nss-devel-0:1.2.9-8.1.1.s390x", "5Client-Workstation:xmlsec1-nss-devel-0:1.2.9-8.1.1.x86_64", "5Client-Workstation:xmlsec1-openssl-0:1.2.9-8.1.1.i386", "5Client-Workstation:xmlsec1-openssl-0:1.2.9-8.1.1.ia64", "5Client-Workstation:xmlsec1-openssl-0:1.2.9-8.1.1.ppc", "5Client-Workstation:xmlsec1-openssl-0:1.2.9-8.1.1.ppc64", "5Client-Workstation:xmlsec1-openssl-0:1.2.9-8.1.1.s390", "5Client-Workstation:xmlsec1-openssl-0:1.2.9-8.1.1.s390x", "5Client-Workstation:xmlsec1-openssl-0:1.2.9-8.1.1.x86_64", "5Client-Workstation:xmlsec1-openssl-devel-0:1.2.9-8.1.1.i386", "5Client-Workstation:xmlsec1-openssl-devel-0:1.2.9-8.1.1.ia64", "5Client-Workstation:xmlsec1-openssl-devel-0:1.2.9-8.1.1.ppc", "5Client-Workstation:xmlsec1-openssl-devel-0:1.2.9-8.1.1.ppc64", "5Client-Workstation:xmlsec1-openssl-devel-0:1.2.9-8.1.1.s390", "5Client-Workstation:xmlsec1-openssl-devel-0:1.2.9-8.1.1.s390x", "5Client-Workstation:xmlsec1-openssl-devel-0:1.2.9-8.1.1.x86_64", "5Client:xmlsec1-0:1.2.9-8.1.1.i386", "5Client:xmlsec1-0:1.2.9-8.1.1.ia64", "5Client:xmlsec1-0:1.2.9-8.1.1.ppc", "5Client:xmlsec1-0:1.2.9-8.1.1.ppc64", "5Client:xmlsec1-0:1.2.9-8.1.1.s390", "5Client:xmlsec1-0:1.2.9-8.1.1.s390x", "5Client:xmlsec1-0:1.2.9-8.1.1.src", "5Client:xmlsec1-0:1.2.9-8.1.1.x86_64", "5Client:xmlsec1-debuginfo-0:1.2.9-8.1.1.i386", "5Client:xmlsec1-debuginfo-0:1.2.9-8.1.1.ia64", "5Client:xmlsec1-debuginfo-0:1.2.9-8.1.1.ppc", "5Client:xmlsec1-debuginfo-0:1.2.9-8.1.1.ppc64", "5Client:xmlsec1-debuginfo-0:1.2.9-8.1.1.s390", "5Client:xmlsec1-debuginfo-0:1.2.9-8.1.1.s390x", "5Client:xmlsec1-debuginfo-0:1.2.9-8.1.1.x86_64", "5Client:xmlsec1-devel-0:1.2.9-8.1.1.i386", "5Client:xmlsec1-devel-0:1.2.9-8.1.1.ia64", "5Client:xmlsec1-devel-0:1.2.9-8.1.1.ppc", "5Client:xmlsec1-devel-0:1.2.9-8.1.1.ppc64", "5Client:xmlsec1-devel-0:1.2.9-8.1.1.s390", "5Client:xmlsec1-devel-0:1.2.9-8.1.1.s390x", "5Client:xmlsec1-devel-0:1.2.9-8.1.1.x86_64", "5Client:xmlsec1-gnutls-0:1.2.9-8.1.1.i386", "5Client:xmlsec1-gnutls-0:1.2.9-8.1.1.ia64", "5Client:xmlsec1-gnutls-0:1.2.9-8.1.1.ppc", "5Client:xmlsec1-gnutls-0:1.2.9-8.1.1.ppc64", "5Client:xmlsec1-gnutls-0:1.2.9-8.1.1.s390", "5Client:xmlsec1-gnutls-0:1.2.9-8.1.1.s390x", "5Client:xmlsec1-gnutls-0:1.2.9-8.1.1.x86_64", "5Client:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.i386", "5Client:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ia64", "5Client:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ppc", "5Client:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ppc64", "5Client:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.s390", "5Client:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.s390x", "5Client:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.x86_64", "5Client:xmlsec1-nss-0:1.2.9-8.1.1.i386", "5Client:xmlsec1-nss-0:1.2.9-8.1.1.ia64", "5Client:xmlsec1-nss-0:1.2.9-8.1.1.ppc", "5Client:xmlsec1-nss-0:1.2.9-8.1.1.ppc64", "5Client:xmlsec1-nss-0:1.2.9-8.1.1.s390", "5Client:xmlsec1-nss-0:1.2.9-8.1.1.s390x", "5Client:xmlsec1-nss-0:1.2.9-8.1.1.x86_64", "5Client:xmlsec1-nss-devel-0:1.2.9-8.1.1.i386", "5Client:xmlsec1-nss-devel-0:1.2.9-8.1.1.ia64", "5Client:xmlsec1-nss-devel-0:1.2.9-8.1.1.ppc", "5Client:xmlsec1-nss-devel-0:1.2.9-8.1.1.ppc64", "5Client:xmlsec1-nss-devel-0:1.2.9-8.1.1.s390", "5Client:xmlsec1-nss-devel-0:1.2.9-8.1.1.s390x", "5Client:xmlsec1-nss-devel-0:1.2.9-8.1.1.x86_64", "5Client:xmlsec1-openssl-0:1.2.9-8.1.1.i386", "5Client:xmlsec1-openssl-0:1.2.9-8.1.1.ia64", "5Client:xmlsec1-openssl-0:1.2.9-8.1.1.ppc", "5Client:xmlsec1-openssl-0:1.2.9-8.1.1.ppc64", "5Client:xmlsec1-openssl-0:1.2.9-8.1.1.s390", "5Client:xmlsec1-openssl-0:1.2.9-8.1.1.s390x", "5Client:xmlsec1-openssl-0:1.2.9-8.1.1.x86_64", "5Client:xmlsec1-openssl-devel-0:1.2.9-8.1.1.i386", "5Client:xmlsec1-openssl-devel-0:1.2.9-8.1.1.ia64", "5Client:xmlsec1-openssl-devel-0:1.2.9-8.1.1.ppc", "5Client:xmlsec1-openssl-devel-0:1.2.9-8.1.1.ppc64", "5Client:xmlsec1-openssl-devel-0:1.2.9-8.1.1.s390", "5Client:xmlsec1-openssl-devel-0:1.2.9-8.1.1.s390x", "5Client:xmlsec1-openssl-devel-0:1.2.9-8.1.1.x86_64", "5Server:xmlsec1-0:1.2.9-8.1.1.i386", "5Server:xmlsec1-0:1.2.9-8.1.1.ia64", "5Server:xmlsec1-0:1.2.9-8.1.1.ppc", "5Server:xmlsec1-0:1.2.9-8.1.1.ppc64", "5Server:xmlsec1-0:1.2.9-8.1.1.s390", "5Server:xmlsec1-0:1.2.9-8.1.1.s390x", "5Server:xmlsec1-0:1.2.9-8.1.1.src", "5Server:xmlsec1-0:1.2.9-8.1.1.x86_64", "5Server:xmlsec1-debuginfo-0:1.2.9-8.1.1.i386", "5Server:xmlsec1-debuginfo-0:1.2.9-8.1.1.ia64", "5Server:xmlsec1-debuginfo-0:1.2.9-8.1.1.ppc", "5Server:xmlsec1-debuginfo-0:1.2.9-8.1.1.ppc64", "5Server:xmlsec1-debuginfo-0:1.2.9-8.1.1.s390", "5Server:xmlsec1-debuginfo-0:1.2.9-8.1.1.s390x", "5Server:xmlsec1-debuginfo-0:1.2.9-8.1.1.x86_64", "5Server:xmlsec1-devel-0:1.2.9-8.1.1.i386", "5Server:xmlsec1-devel-0:1.2.9-8.1.1.ia64", "5Server:xmlsec1-devel-0:1.2.9-8.1.1.ppc", "5Server:xmlsec1-devel-0:1.2.9-8.1.1.ppc64", "5Server:xmlsec1-devel-0:1.2.9-8.1.1.s390", "5Server:xmlsec1-devel-0:1.2.9-8.1.1.s390x", "5Server:xmlsec1-devel-0:1.2.9-8.1.1.x86_64", "5Server:xmlsec1-gnutls-0:1.2.9-8.1.1.i386", "5Server:xmlsec1-gnutls-0:1.2.9-8.1.1.ia64", "5Server:xmlsec1-gnutls-0:1.2.9-8.1.1.ppc", "5Server:xmlsec1-gnutls-0:1.2.9-8.1.1.ppc64", "5Server:xmlsec1-gnutls-0:1.2.9-8.1.1.s390", "5Server:xmlsec1-gnutls-0:1.2.9-8.1.1.s390x", "5Server:xmlsec1-gnutls-0:1.2.9-8.1.1.x86_64", "5Server:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.i386", "5Server:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ia64", "5Server:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ppc", "5Server:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.ppc64", "5Server:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.s390", "5Server:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.s390x", "5Server:xmlsec1-gnutls-devel-0:1.2.9-8.1.1.x86_64", "5Server:xmlsec1-nss-0:1.2.9-8.1.1.i386", "5Server:xmlsec1-nss-0:1.2.9-8.1.1.ia64", "5Server:xmlsec1-nss-0:1.2.9-8.1.1.ppc", "5Server:xmlsec1-nss-0:1.2.9-8.1.1.ppc64", "5Server:xmlsec1-nss-0:1.2.9-8.1.1.s390", "5Server:xmlsec1-nss-0:1.2.9-8.1.1.s390x", "5Server:xmlsec1-nss-0:1.2.9-8.1.1.x86_64", "5Server:xmlsec1-nss-devel-0:1.2.9-8.1.1.i386", "5Server:xmlsec1-nss-devel-0:1.2.9-8.1.1.ia64", "5Server:xmlsec1-nss-devel-0:1.2.9-8.1.1.ppc", "5Server:xmlsec1-nss-devel-0:1.2.9-8.1.1.ppc64", "5Server:xmlsec1-nss-devel-0:1.2.9-8.1.1.s390", "5Server:xmlsec1-nss-devel-0:1.2.9-8.1.1.s390x", "5Server:xmlsec1-nss-devel-0:1.2.9-8.1.1.x86_64", "5Server:xmlsec1-openssl-0:1.2.9-8.1.1.i386", "5Server:xmlsec1-openssl-0:1.2.9-8.1.1.ia64", "5Server:xmlsec1-openssl-0:1.2.9-8.1.1.ppc", "5Server:xmlsec1-openssl-0:1.2.9-8.1.1.ppc64", "5Server:xmlsec1-openssl-0:1.2.9-8.1.1.s390", "5Server:xmlsec1-openssl-0:1.2.9-8.1.1.s390x", "5Server:xmlsec1-openssl-0:1.2.9-8.1.1.x86_64", "5Server:xmlsec1-openssl-devel-0:1.2.9-8.1.1.i386", "5Server:xmlsec1-openssl-devel-0:1.2.9-8.1.1.ia64", "5Server:xmlsec1-openssl-devel-0:1.2.9-8.1.1.ppc", "5Server:xmlsec1-openssl-devel-0:1.2.9-8.1.1.ppc64", "5Server:xmlsec1-openssl-devel-0:1.2.9-8.1.1.s390", "5Server:xmlsec1-openssl-devel-0:1.2.9-8.1.1.s390x", "5Server:xmlsec1-openssl-devel-0:1.2.9-8.1.1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "xml-security-1.3.0-1jpp.ep1.*: XMLDsig HMAC-based signatures spoofing and authentication bypass" } ] }
rhsa-2009_1649
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated JBoss Enterprise Application Platform (JBEAP) 4.3 packages that fix\nmultiple security issues, several bugs, and add enhancements are now\navailable for Red Hat Enterprise Linux 5 as JBEAP 4.3.0.CP07.\n\nThis update has been rated as having moderate security impact by the Red\nHat Security Response Team.", "title": "Topic" }, { "category": "general", "text": "JBoss Enterprise Application Platform is the market leading platform for\ninnovative and scalable Java applications; integrating the JBoss\nApplication Server, with JBoss Hibernate and JBoss Seam into a complete,\nsimple enterprise solution.\n\nThis release of JBEAP for Red Hat Enterprise Linux 5 serves as a\nreplacement to JBEAP 4.3.0.CP06.\n\nThese updated packages include bug fixes and enhancements which are\ndetailed in the Release Notes, available shortly from:\nhttp://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/\n\nThe following security issues are also fixed with this release:\n\nA missing check for the recommended minimum length of the truncated form of\nHMAC-based XML signatures was found in xml-security. An attacker could use\nthis flaw to create a specially-crafted XML file that forges an XML\nsignature, allowing the attacker to bypass authentication that is based on\nthe XML Signature specification. (CVE-2009-0217)\n\nSwatej Kumar discovered cross-site scripting (XSS) flaws in the JBoss\nApplication Server Web Console. An attacker could use these flaws to\npresent misleading data to an authenticated user, or execute arbitrary\nscripting code in the context of the authenticated user\u0027s browser session.\n(CVE-2009-2405)\n\nA flaw was found in the way the Apache Xerces2 Java Parser processed the\nSYSTEM identifier in DTDs. A remote attacker could provide a\nspecially-crafted XML file, which once parsed by an application using the\nApache Xerces2 Java Parser, would lead to a denial of service (application\nhang due to excessive CPU use). (CVE-2009-2625)\n\nAn information leak flaw was found in the twiddle command line client. The\nJMX password was logged in plain text to \"twiddle.log\". (CVE-2009-3554)\n\nAn XSS flaw was found in the JMX Console. An attacker could use this flaw\nto present misleading data to an authenticated user, or execute arbitrary\nscripting code in the context of the authenticated user\u0027s browser session.\n(CVE-2009-1380)\n\nWarning: Before applying this update, please backup the JBEAP\n\"server/[configuration]/deploy/\" directory, and any other customized\nconfiguration files.\n\nAll users of JBEAP 4.3 on Red Hat Enterprise Linux 5 are advised to upgrade\nto these updated packages.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2009:1649", "url": "https://access.redhat.com/errata/RHSA-2009:1649" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "http://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/", "url": "http://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/" }, { "category": "external", "summary": "510023", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=510023" }, { "category": "external", "summary": "511224", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=511224" }, { "category": "external", "summary": "511915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=511915" }, { "category": "external", "summary": "512921", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512921" }, { "category": "external", "summary": "532113", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=532113" }, { "category": "external", "summary": "539495", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=539495" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_1649.json" } ], "title": "Red Hat Security Advisory: JBoss Enterprise Application Platform 4.3.0.CP07 update", "tracking": { "current_release_date": "2024-11-05T17:11:49+00:00", "generator": { "date": "2024-11-05T17:11:49+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2009:1649", "initial_release_date": "2009-12-09T23:51:00+00:00", "revision_history": [ { "date": "2009-12-09T23:51:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2009-12-09T18:51:47+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-05T17:11:49+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product": { "name": "Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:4.3.0::el5" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" }, { "branches": [ { "category": "product_version", "name": "jgroups-1:2.4.7-1.ep1.el5.src", "product": { "name": "jgroups-1:2.4.7-1.ep1.el5.src", "product_id": "jgroups-1:2.4.7-1.ep1.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jgroups@2.4.7-1.ep1.el5?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "jacorb-0:2.3.0-1jpp.ep1.9.1.el5.src", "product": { "name": "jacorb-0:2.3.0-1jpp.ep1.9.1.el5.src", "product_id": "jacorb-0:2.3.0-1jpp.ep1.9.1.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jacorb@2.3.0-1jpp.ep1.9.1.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-remoting-0:2.2.3-3.SP1.ep1.el5.src", "product": { "name": "jboss-remoting-0:2.2.3-3.SP1.ep1.el5.src", "product_id": "jboss-remoting-0:2.2.3-3.SP1.ep1.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-remoting@2.2.3-3.SP1.ep1.el5?arch=src" } } }, { "category": "product_version", "name": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.src", "product": { "name": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.src", "product_id": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/hibernate3@3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.src", "product": { "name": "hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.src", "product_id": "hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/hibernate3-annotations@3.3.1-1.11GA_CP02.ep1.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el5.src", "product": { "name": "jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el5.src", "product_id": "jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-messaging@1.4.0-3.SP3_CP09.4.ep1.el5?arch=src" } } }, { "category": "product_version", "name": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.src", "product": { "name": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.src", "product_id": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossts@4.2.3-1.SP5_CP08.1jpp.ep1.1.el5?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.src", "product": { "name": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.src", "product_id": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossweb@2.0.0-6.CP12.0jpp.ep1.2.el5?arch=src" } } }, { "category": "product_version", "name": "glassfish-jaxb-0:2.1.4-1.12.patch03.1.ep1.el5.src", "product": { "name": "glassfish-jaxb-0:2.1.4-1.12.patch03.1.ep1.el5.src", "product_id": "glassfish-jaxb-0:2.1.4-1.12.patch03.1.ep1.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/glassfish-jaxb@2.1.4-1.12.patch03.1.ep1.el5?arch=src" } } }, { "category": "product_version", "name": "glassfish-jsf-0:1.2_13-2.1.ep1.el5.src", "product": { "name": "glassfish-jsf-0:1.2_13-2.1.ep1.el5.src", "product_id": "glassfish-jsf-0:1.2_13-2.1.ep1.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/glassfish-jsf@1.2_13-2.1.ep1.el5?arch=src" } } }, { "category": "product_version", "name": "jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el5.src", "product": { "name": "jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el5.src", "product_id": "jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossws-common@1.0.0-2.GA_CP05.1.ep1.el5?arch=src" } } }, { "category": "product_version", "name": "jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el5.src", "product": { "name": "jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el5.src", "product_id": "jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossws-framework@2.0.1-1.GA_CP05.1.ep1.el5?arch=src" } } }, { "category": "product_version", "name": "jbossws-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.src", "product": { "name": "jbossws-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.src", "product_id": "jbossws-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossws@2.0.1-4.SP2_CP07.2.1.ep1.el5?arch=src" } } }, { "category": "product_version", "name": "hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.src", "product": { "name": "hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.src", "product_id": "hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/hibernate3-entitymanager@3.3.2-2.5.1.ep1.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.src", "product": { "name": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.src", "product_id": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-seam@1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1?arch=src" } } }, { "category": "product_version", "name": "rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el5.src", "product": { "name": "rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el5.src", "product_id": "rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-eap-docs@4.3.0-6.GA_CP07.ep1.3.el5?arch=src" } } }, { "category": "product_version", "name": "quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.src", "product": { "name": "quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.src", "product_id": "quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/quartz@1.5.2-1jpp.patch01.ep1.4.1.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.src", "product": { "name": "jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.src", "product_id": "jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-common@1.2.1-0jpp.ep1.3.el5.1?arch=src" } } }, { "category": "product_version", "name": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.src", "product": { "name": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.src", "product_id": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-aop@1.5.5-3.CP04.2.ep1.el5?arch=src" } } }, { "category": "product_version", "name": "jcommon-0:1.0.16-1.1.ep1.el5.src", "product": { "name": "jcommon-0:1.0.16-1.1.ep1.el5.src", "product_id": "jcommon-0:1.0.16-1.1.ep1.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jcommon@1.0.16-1.1.ep1.el5?arch=src" } } }, { "category": "product_version", "name": "jfreechart-0:1.0.13-2.3.1.ep1.el5.src", "product": { "name": "jfreechart-0:1.0.13-2.3.1.ep1.el5.src", "product_id": "jfreechart-0:1.0.13-2.3.1.ep1.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jfreechart@1.0.13-2.3.1.ep1.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-seam2-0:2.0.2.FP-1.ep1.18.el5.src", "product": { "name": "jboss-seam2-0:2.0.2.FP-1.ep1.18.el5.src", "product_id": "jboss-seam2-0:2.0.2.FP-1.ep1.18.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-seam2@2.0.2.FP-1.ep1.18.el5?arch=src" } } }, { "category": "product_version", "name": "xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.src", "product": { "name": "xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.src", "product_id": "xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/xml-security@1.3.0-1.3.patch01.ep1.2.1.el5?arch=src" } } }, { "category": "product_version", "name": "jbossas-0:4.3.0-6.GA_CP07.4.2.ep1.el5.src", "product": { "name": "jbossas-0:4.3.0-6.GA_CP07.4.2.ep1.el5.src", "product_id": "jbossas-0:4.3.0-6.GA_CP07.4.2.ep1.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas@4.3.0-6.GA_CP07.4.2.ep1.el5?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "jgroups-1:2.4.7-1.ep1.el5.noarch", "product": { "name": "jgroups-1:2.4.7-1.ep1.el5.noarch", "product_id": "jgroups-1:2.4.7-1.ep1.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jgroups@2.4.7-1.ep1.el5?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "jacorb-0:2.3.0-1jpp.ep1.9.1.el5.noarch", "product": { "name": "jacorb-0:2.3.0-1jpp.ep1.9.1.el5.noarch", "product_id": "jacorb-0:2.3.0-1jpp.ep1.9.1.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jacorb@2.3.0-1jpp.ep1.9.1.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-remoting-0:2.2.3-3.SP1.ep1.el5.noarch", "product": { "name": "jboss-remoting-0:2.2.3-3.SP1.ep1.el5.noarch", "product_id": "jboss-remoting-0:2.2.3-3.SP1.ep1.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-remoting@2.2.3-3.SP1.ep1.el5?arch=noarch" } } }, { "category": "product_version", "name": "hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "product": { "name": "hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "product_id": "hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/hibernate3-javadoc@3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "product": { "name": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "product_id": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/hibernate3@3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "hibernate3-annotations-javadoc-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "product": { "name": "hibernate3-annotations-javadoc-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "product_id": "hibernate3-annotations-javadoc-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/hibernate3-annotations-javadoc@3.3.1-1.11GA_CP02.ep1.el5?arch=noarch" } } }, { "category": "product_version", "name": "hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "product": { "name": "hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "product_id": "hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/hibernate3-annotations@3.3.1-1.11GA_CP02.ep1.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el5.noarch", "product": { "name": "jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el5.noarch", "product_id": "jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-messaging@1.4.0-3.SP3_CP09.4.ep1.el5?arch=noarch" } } }, { "category": "product_version", "name": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.noarch", "product": { "name": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.noarch", "product_id": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossts@4.2.3-1.SP5_CP08.1jpp.ep1.1.el5?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.noarch", "product": { "name": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.noarch", "product_id": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossweb@2.0.0-6.CP12.0jpp.ep1.2.el5?arch=noarch" } } }, { "category": "product_version", "name": "glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.1.ep1.el5.noarch", "product": { "name": "glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.1.ep1.el5.noarch", "product_id": "glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.1.ep1.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/glassfish-jaxb-javadoc@2.1.4-1.12.patch03.1.ep1.el5?arch=noarch" } } }, { "category": "product_version", "name": "glassfish-jaxb-0:2.1.4-1.12.patch03.1.ep1.el5.noarch", "product": { "name": "glassfish-jaxb-0:2.1.4-1.12.patch03.1.ep1.el5.noarch", "product_id": "glassfish-jaxb-0:2.1.4-1.12.patch03.1.ep1.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/glassfish-jaxb@2.1.4-1.12.patch03.1.ep1.el5?arch=noarch" } } }, { "category": "product_version", "name": "glassfish-jsf-0:1.2_13-2.1.ep1.el5.noarch", "product": { "name": "glassfish-jsf-0:1.2_13-2.1.ep1.el5.noarch", "product_id": "glassfish-jsf-0:1.2_13-2.1.ep1.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/glassfish-jsf@1.2_13-2.1.ep1.el5?arch=noarch" } } }, { "category": "product_version", "name": "jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el5.noarch", "product": { "name": "jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el5.noarch", "product_id": "jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossws-common@1.0.0-2.GA_CP05.1.ep1.el5?arch=noarch" } } }, { "category": "product_version", "name": "jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el5.noarch", "product": { "name": "jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el5.noarch", "product_id": "jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossws-framework@2.0.1-1.GA_CP05.1.ep1.el5?arch=noarch" } } }, { "category": "product_version", "name": "jbossws-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.noarch", "product": { "name": "jbossws-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.noarch", "product_id": "jbossws-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossws@2.0.1-4.SP2_CP07.2.1.ep1.el5?arch=noarch" } } }, { "category": "product_version", "name": "jbossws-native42-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.noarch", "product": { "name": "jbossws-native42-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.noarch", "product_id": "jbossws-native42-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossws-native42@2.0.1-4.SP2_CP07.2.1.ep1.el5?arch=noarch" } } }, { "category": "product_version", "name": "hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.noarch", "product": { "name": "hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.noarch", "product_id": "hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/hibernate3-entitymanager@3.3.2-2.5.1.ep1.el5?arch=noarch" } } }, { "category": "product_version", "name": "hibernate3-entitymanager-javadoc-0:3.3.2-2.5.1.ep1.el5.noarch", "product": { "name": "hibernate3-entitymanager-javadoc-0:3.3.2-2.5.1.ep1.el5.noarch", "product_id": "hibernate3-entitymanager-javadoc-0:3.3.2-2.5.1.ep1.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/hibernate3-entitymanager-javadoc@3.3.2-2.5.1.ep1.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.noarch", "product": { "name": "jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.noarch", "product_id": "jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-seam-docs@1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1?arch=noarch" } } }, { "category": "product_version", "name": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.noarch", "product": { "name": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.noarch", "product_id": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-seam@1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1?arch=noarch" } } }, { "category": "product_version", "name": "rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el5.noarch", "product": { "name": "rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el5.noarch", "product_id": "rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-eap-docs-examples@4.3.0-6.GA_CP07.ep1.3.el5?arch=noarch" } } }, { "category": "product_version", "name": "rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el5.noarch", "product": { "name": "rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el5.noarch", "product_id": "rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-eap-docs@4.3.0-6.GA_CP07.ep1.3.el5?arch=noarch" } } }, { "category": "product_version", "name": "quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.noarch", "product": { "name": "quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.noarch", "product_id": "quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/quartz@1.5.2-1jpp.patch01.ep1.4.1.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.noarch", "product": { "name": "jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.noarch", "product_id": "jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-common@1.2.1-0jpp.ep1.3.el5.1?arch=noarch" } } }, { "category": "product_version", "name": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.noarch", "product": { "name": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.noarch", "product_id": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-aop@1.5.5-3.CP04.2.ep1.el5?arch=noarch" } } }, { "category": "product_version", "name": "jcommon-0:1.0.16-1.1.ep1.el5.noarch", "product": { "name": "jcommon-0:1.0.16-1.1.ep1.el5.noarch", "product_id": "jcommon-0:1.0.16-1.1.ep1.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jcommon@1.0.16-1.1.ep1.el5?arch=noarch" } } }, { "category": "product_version", "name": "jfreechart-0:1.0.13-2.3.1.ep1.el5.noarch", "product": { "name": "jfreechart-0:1.0.13-2.3.1.ep1.el5.noarch", "product_id": "jfreechart-0:1.0.13-2.3.1.ep1.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jfreechart@1.0.13-2.3.1.ep1.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-seam2-0:2.0.2.FP-1.ep1.18.el5.noarch", "product": { "name": "jboss-seam2-0:2.0.2.FP-1.ep1.18.el5.noarch", "product_id": "jboss-seam2-0:2.0.2.FP-1.ep1.18.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-seam2@2.0.2.FP-1.ep1.18.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-seam2-docs-0:2.0.2.FP-1.ep1.18.el5.noarch", "product": { "name": "jboss-seam2-docs-0:2.0.2.FP-1.ep1.18.el5.noarch", "product_id": "jboss-seam2-docs-0:2.0.2.FP-1.ep1.18.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-seam2-docs@2.0.2.FP-1.ep1.18.el5?arch=noarch" } } }, { "category": "product_version", "name": "xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.noarch", "product": { "name": "xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.noarch", "product_id": "xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/xml-security@1.3.0-1.3.patch01.ep1.2.1.el5?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-client-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "product": { "name": "jbossas-client-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "product_id": "jbossas-client-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-client@4.3.0-6.GA_CP07.4.2.ep1.el5?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "product": { "name": "jbossas-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "product_id": "jbossas-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas@4.3.0-6.GA_CP07.4.2.ep1.el5?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "product": { "name": "jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "product_id": "jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-4.3.0.GA_CP07-bin@4.3.0-6.GA_CP07.4.2.ep1.el5?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "glassfish-jaxb-0:2.1.4-1.12.patch03.1.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.1.ep1.el5.noarch" }, "product_reference": "glassfish-jaxb-0:2.1.4-1.12.patch03.1.ep1.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "glassfish-jaxb-0:2.1.4-1.12.patch03.1.ep1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.1.ep1.el5.src" }, "product_reference": "glassfish-jaxb-0:2.1.4-1.12.patch03.1.ep1.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.1.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.1.ep1.el5.noarch" }, "product_reference": "glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.1.ep1.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "glassfish-jsf-0:1.2_13-2.1.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.noarch" }, "product_reference": "glassfish-jsf-0:1.2_13-2.1.ep1.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "glassfish-jsf-0:1.2_13-2.1.ep1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.src" }, "product_reference": "glassfish-jsf-0:1.2_13-2.1.ep1.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch" }, "product_reference": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.src" }, "product_reference": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.noarch" }, "product_reference": "hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.src" }, "product_reference": "hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-annotations-javadoc-0:3.3.1-1.11GA_CP02.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11GA_CP02.ep1.el5.noarch" }, "product_reference": "hibernate3-annotations-javadoc-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.noarch" }, "product_reference": "hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.src" }, "product_reference": "hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-entitymanager-javadoc-0:3.3.2-2.5.1.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.1.ep1.el5.noarch" }, "product_reference": "hibernate3-entitymanager-javadoc-0:3.3.2-2.5.1.ep1.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch" }, "product_reference": "hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jacorb-0:2.3.0-1jpp.ep1.9.1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.noarch" }, "product_reference": "jacorb-0:2.3.0-1jpp.ep1.9.1.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jacorb-0:2.3.0-1jpp.ep1.9.1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.src" }, "product_reference": "jacorb-0:2.3.0-1jpp.ep1.9.1.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.noarch" }, "product_reference": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.src" }, "product_reference": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.noarch" }, "product_reference": "jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.noarch", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.src" }, "product_reference": "jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.src", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el5.noarch" }, "product_reference": "jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el5.src" }, "product_reference": "jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-remoting-0:2.2.3-3.SP1.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.noarch" }, "product_reference": "jboss-remoting-0:2.2.3-3.SP1.ep1.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-remoting-0:2.2.3-3.SP1.ep1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.src" }, "product_reference": "jboss-remoting-0:2.2.3-3.SP1.ep1.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.noarch" }, "product_reference": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.noarch", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.src" }, "product_reference": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.src", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.noarch" }, "product_reference": "jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.noarch", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-seam2-0:2.0.2.FP-1.ep1.18.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.18.el5.noarch" }, "product_reference": "jboss-seam2-0:2.0.2.FP-1.ep1.18.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-seam2-0:2.0.2.FP-1.ep1.18.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.18.el5.src" }, "product_reference": "jboss-seam2-0:2.0.2.FP-1.ep1.18.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-seam2-docs-0:2.0.2.FP-1.ep1.18.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.18.el5.noarch" }, "product_reference": "jboss-seam2-docs-0:2.0.2.FP-1.ep1.18.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch" }, "product_reference": "jbossas-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-0:4.3.0-6.GA_CP07.4.2.ep1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.2.ep1.el5.src" }, "product_reference": "jbossas-0:4.3.0-6.GA_CP07.4.2.ep1.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch" }, "product_reference": "jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-client-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch" }, "product_reference": "jbossas-client-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.noarch" }, "product_reference": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.src" }, "product_reference": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.noarch" }, "product_reference": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.src" }, "product_reference": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossws-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.noarch" }, "product_reference": "jbossws-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossws-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.src" }, "product_reference": "jbossws-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el5.noarch" }, "product_reference": "jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el5.src" }, "product_reference": "jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el5.noarch" }, "product_reference": "jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el5.src" }, "product_reference": "jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossws-native42-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.noarch" }, "product_reference": "jbossws-native42-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jcommon-0:1.0.16-1.1.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el5.noarch" }, "product_reference": "jcommon-0:1.0.16-1.1.ep1.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jcommon-0:1.0.16-1.1.ep1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el5.src" }, "product_reference": "jcommon-0:1.0.16-1.1.ep1.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jfreechart-0:1.0.13-2.3.1.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.noarch" }, "product_reference": "jfreechart-0:1.0.13-2.3.1.ep1.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jfreechart-0:1.0.13-2.3.1.ep1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.src" }, "product_reference": "jfreechart-0:1.0.13-2.3.1.ep1.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jgroups-1:2.4.7-1.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el5.noarch" }, "product_reference": "jgroups-1:2.4.7-1.ep1.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jgroups-1:2.4.7-1.ep1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el5.src" }, "product_reference": "jgroups-1:2.4.7-1.ep1.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.noarch" }, "product_reference": "quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.src" }, "product_reference": "quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el5.noarch" }, "product_reference": "rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el5.src" }, "product_reference": "rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el5.noarch" }, "product_reference": "rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.noarch" }, "product_reference": "xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.src" }, "product_reference": "xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.3.0" } ] }, "vulnerabilities": [ { "cve": "CVE-2009-0217", "discovery_date": "2009-07-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "511915" } ], "notes": [ { "category": "description", "text": "The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, and 8.1 SP6; (3) Mono before 2.4.2.2; (4) XML Security Library before 1.2.12; (5) IBM WebSphere Application Server Versions 6.0 through 6.0.2.33, 6.1 through 6.1.0.23, and 7.0 through 7.0.0.1; (6) Sun JDK and JRE Update 14 and earlier; (7) Microsoft .NET Framework 3.0 through 3.0 SP2, 3.5, and 4.0; and other products uses a parameter that defines an HMAC truncation length (HMACOutputLength) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits.", "title": "Vulnerability description" }, { "category": "summary", "text": "xml-security-1.3.0-1jpp.ep1.*: XMLDsig HMAC-based signatures spoofing and authentication bypass", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.1.ep1.el5.src", "5Server-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.src", "5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.src", "5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.src", "5Server-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.src", "5Server-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.noarch", "5Server-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.src", "5Server-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.src", "5Server-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.noarch", "5Server-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.src", "5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el5.src", "5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.src", "5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.noarch", "5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.src", "5Server-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.noarch", "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.18.el5.noarch", "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.18.el5.src", "5Server-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.18.el5.noarch", "5Server-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.2.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.src", "5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.src", "5Server-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el5.src", "5Server-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.noarch", "5Server-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.src", "5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el5.noarch", "5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el5.src", "5Server-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el5.noarch", "5Server-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.noarch", "5Server-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-0217" }, { "category": "external", "summary": "RHBZ#511915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=511915" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-0217", "url": "https://www.cve.org/CVERecord?id=CVE-2009-0217" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-0217", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0217" } ], "release_date": "2009-07-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-12-09T23:51:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.1.ep1.el5.src", "5Server-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.src", "5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.src", "5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.src", "5Server-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.src", "5Server-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.noarch", "5Server-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.src", "5Server-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.src", "5Server-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.noarch", "5Server-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.src", "5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el5.src", "5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.src", "5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.noarch", "5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.src", "5Server-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.noarch", "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.18.el5.noarch", "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.18.el5.src", "5Server-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.18.el5.noarch", "5Server-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.2.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.src", "5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.src", "5Server-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el5.src", "5Server-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.noarch", "5Server-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.src", "5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el5.noarch", "5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el5.src", "5Server-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el5.noarch", "5Server-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.noarch", "5Server-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1649" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.1.ep1.el5.src", "5Server-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.src", "5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.src", "5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.src", "5Server-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.src", "5Server-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.noarch", "5Server-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.src", "5Server-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.src", "5Server-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.noarch", "5Server-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.src", "5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el5.src", "5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.src", "5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.noarch", "5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.src", "5Server-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.noarch", "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.18.el5.noarch", "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.18.el5.src", "5Server-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.18.el5.noarch", "5Server-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.2.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.src", "5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.src", "5Server-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el5.src", "5Server-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.noarch", "5Server-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.src", "5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el5.noarch", "5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el5.src", "5Server-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el5.noarch", "5Server-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.noarch", "5Server-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "xml-security-1.3.0-1jpp.ep1.*: XMLDsig HMAC-based signatures spoofing and authentication bypass" }, { "cve": "CVE-2009-1380", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2009-05-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "511224" } ], "notes": [ { "category": "description", "text": "Cross-site scripting (XSS) vulnerability in JMX-Console in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP08 and 4.3 before 4.3.0.CP07 allows remote attackers to inject arbitrary web script or HTML via the filter parameter, related to the key property and the position of quote and colon characters.", "title": "Vulnerability description" }, { "category": "summary", "text": "jbossas JMX-Console cross-site-scripting in filter parameter", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.1.ep1.el5.src", "5Server-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.src", "5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.src", "5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.src", "5Server-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.src", "5Server-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.noarch", "5Server-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.src", "5Server-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.src", "5Server-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.noarch", "5Server-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.src", "5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el5.src", "5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.src", "5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.noarch", "5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.src", "5Server-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.noarch", "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.18.el5.noarch", "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.18.el5.src", "5Server-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.18.el5.noarch", "5Server-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.2.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.src", "5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.src", "5Server-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el5.src", "5Server-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.noarch", "5Server-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.src", "5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el5.noarch", "5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el5.src", "5Server-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el5.noarch", "5Server-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.noarch", "5Server-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-1380" }, { "category": "external", "summary": "RHBZ#511224", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=511224" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-1380", "url": "https://www.cve.org/CVERecord?id=CVE-2009-1380" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1380", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1380" } ], "release_date": "2009-12-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-12-09T23:51:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.1.ep1.el5.src", "5Server-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.src", "5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.src", "5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.src", "5Server-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.src", "5Server-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.noarch", "5Server-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.src", "5Server-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.src", "5Server-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.noarch", "5Server-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.src", "5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el5.src", "5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.src", "5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.noarch", "5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.src", "5Server-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.noarch", "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.18.el5.noarch", "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.18.el5.src", "5Server-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.18.el5.noarch", "5Server-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.2.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.src", "5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.src", "5Server-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el5.src", "5Server-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.noarch", "5Server-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.src", "5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el5.noarch", "5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el5.src", "5Server-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el5.noarch", "5Server-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.noarch", "5Server-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1649" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.1.ep1.el5.src", "5Server-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.src", "5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.src", "5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.src", "5Server-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.src", "5Server-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.noarch", "5Server-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.src", "5Server-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.src", "5Server-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.noarch", "5Server-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.src", "5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el5.src", "5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.src", "5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.noarch", "5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.src", "5Server-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.noarch", "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.18.el5.noarch", "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.18.el5.src", "5Server-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.18.el5.noarch", "5Server-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.2.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.src", "5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.src", "5Server-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el5.src", "5Server-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.noarch", "5Server-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.src", "5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el5.noarch", "5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el5.src", "5Server-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el5.noarch", "5Server-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.noarch", "5Server-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jbossas JMX-Console cross-site-scripting in filter parameter" }, { "cve": "CVE-2009-2405", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2009-07-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "510023" } ], "notes": [ { "category": "description", "text": "Multiple cross-site scripting (XSS) vulnerabilities in the Web Console in the Application Server in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2.0 before 4.2.0.CP08, 4.2.2GA, 4.3 before 4.3.0.CP07, and 5.1.0GA allow remote attackers to inject arbitrary web script or HTML via the (1) monitorName, (2) objectName, (3) attribute, or (4) period parameter to createSnapshot.jsp, or the (5) monitorName, (6) objectName, (7) attribute, (8) threshold, (9) period, or (10) enabled parameter to createThresholdMonitor.jsp. NOTE: some of these details are obtained from third party information.", "title": "Vulnerability description" }, { "category": "summary", "text": "JBoss Application Server Web Console XSS", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw does not affect Red Hat JBoss Enterprise Application Platform 5 or 6. Older versions of the community JBoss Application Server 5.x may be affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.1.ep1.el5.src", "5Server-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.src", "5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.src", "5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.src", "5Server-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.src", "5Server-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.noarch", "5Server-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.src", "5Server-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.src", "5Server-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.noarch", "5Server-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.src", "5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el5.src", "5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.src", "5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.noarch", "5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.src", "5Server-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.noarch", "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.18.el5.noarch", "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.18.el5.src", "5Server-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.18.el5.noarch", "5Server-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.2.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.src", "5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.src", "5Server-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el5.src", "5Server-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.noarch", "5Server-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.src", "5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el5.noarch", "5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el5.src", "5Server-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el5.noarch", "5Server-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.noarch", "5Server-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2405" }, { "category": "external", "summary": "RHBZ#510023", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=510023" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2405", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2405" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2405", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2405" } ], "release_date": "2009-07-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-12-09T23:51:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.1.ep1.el5.src", "5Server-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.src", "5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.src", "5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.src", "5Server-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.src", "5Server-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.noarch", "5Server-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.src", "5Server-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.src", "5Server-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.noarch", "5Server-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.src", "5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el5.src", "5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.src", "5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.noarch", "5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.src", "5Server-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.noarch", "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.18.el5.noarch", "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.18.el5.src", "5Server-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.18.el5.noarch", "5Server-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.2.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.src", "5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.src", "5Server-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el5.src", "5Server-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.noarch", "5Server-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.src", "5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el5.noarch", "5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el5.src", "5Server-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el5.noarch", "5Server-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.noarch", "5Server-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1649" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.1.ep1.el5.src", "5Server-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.src", "5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.src", "5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.src", "5Server-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.src", "5Server-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.noarch", "5Server-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.src", "5Server-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.src", "5Server-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.noarch", "5Server-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.src", "5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el5.src", "5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.src", "5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.noarch", "5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.src", "5Server-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.noarch", "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.18.el5.noarch", "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.18.el5.src", "5Server-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.18.el5.noarch", "5Server-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.2.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.src", "5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.src", "5Server-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el5.src", "5Server-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.noarch", "5Server-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.src", "5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el5.noarch", "5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el5.src", "5Server-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el5.noarch", "5Server-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.noarch", "5Server-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JBoss Application Server Web Console XSS" }, { "cve": "CVE-2009-2625", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512921" } ], "notes": [ { "category": "description", "text": "XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: XML parsing Denial-Of-Service (6845701)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.1.ep1.el5.src", "5Server-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.src", "5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.src", "5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.src", "5Server-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.src", "5Server-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.noarch", "5Server-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.src", "5Server-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.src", "5Server-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.noarch", "5Server-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.src", "5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el5.src", "5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.src", "5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.noarch", "5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.src", "5Server-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.noarch", "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.18.el5.noarch", "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.18.el5.src", "5Server-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.18.el5.noarch", "5Server-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.2.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.src", "5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.src", "5Server-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el5.src", "5Server-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.noarch", "5Server-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.src", "5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el5.noarch", "5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el5.src", "5Server-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el5.noarch", "5Server-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.noarch", "5Server-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2625" }, { "category": "external", "summary": "RHBZ#512921", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512921" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2625", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2625" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2625", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2625" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-12-09T23:51:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.1.ep1.el5.src", "5Server-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.src", "5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.src", "5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.src", "5Server-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.src", "5Server-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.noarch", "5Server-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.src", "5Server-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.src", "5Server-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.noarch", "5Server-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.src", "5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el5.src", "5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.src", "5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.noarch", "5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.src", "5Server-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.noarch", "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.18.el5.noarch", "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.18.el5.src", "5Server-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.18.el5.noarch", "5Server-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.2.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.src", "5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.src", "5Server-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el5.src", "5Server-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.noarch", "5Server-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.src", "5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el5.noarch", "5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el5.src", "5Server-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el5.noarch", "5Server-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.noarch", "5Server-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1649" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.1.ep1.el5.src", "5Server-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.src", "5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.src", "5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.src", "5Server-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.src", "5Server-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.noarch", "5Server-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.src", "5Server-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.src", "5Server-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.noarch", "5Server-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.src", "5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el5.src", "5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.src", "5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.noarch", "5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.src", "5Server-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.noarch", "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.18.el5.noarch", "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.18.el5.src", "5Server-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.18.el5.noarch", "5Server-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.2.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.src", "5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.src", "5Server-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el5.src", "5Server-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.noarch", "5Server-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.src", "5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el5.noarch", "5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el5.src", "5Server-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el5.noarch", "5Server-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.noarch", "5Server-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: XML parsing Denial-Of-Service (6845701)" }, { "cve": "CVE-2009-3554", "discovery_date": "2009-10-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "539495" } ], "notes": [ { "category": "description", "text": "Twiddle in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP08 and 4.3 before 4.3.0.CP07 writes the JMX password, and other command-line arguments, to the twiddle.log file, which allows local users to obtain sensitive information by reading this file.", "title": "Vulnerability description" }, { "category": "summary", "text": "JBoss EAP Twiddle logs the JMX password", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.1.ep1.el5.src", "5Server-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.src", "5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.src", "5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.src", "5Server-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.src", "5Server-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.noarch", "5Server-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.src", "5Server-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.src", "5Server-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.noarch", "5Server-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.src", "5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el5.src", "5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.src", "5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.noarch", "5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.src", "5Server-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.noarch", "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.18.el5.noarch", "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.18.el5.src", "5Server-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.18.el5.noarch", "5Server-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.2.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.src", "5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.src", "5Server-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el5.src", "5Server-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.noarch", "5Server-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.src", "5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el5.noarch", "5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el5.src", "5Server-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el5.noarch", "5Server-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.noarch", "5Server-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-3554" }, { "category": "external", "summary": "RHBZ#539495", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=539495" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3554", "url": "https://www.cve.org/CVERecord?id=CVE-2009-3554" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3554", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3554" } ], "release_date": "2009-10-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-12-09T23:51:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.1.ep1.el5.src", "5Server-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.src", "5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.src", "5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.src", "5Server-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.src", "5Server-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.noarch", "5Server-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.src", "5Server-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.src", "5Server-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.noarch", "5Server-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.src", "5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el5.src", "5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.src", "5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.noarch", "5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.src", "5Server-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.noarch", "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.18.el5.noarch", "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.18.el5.src", "5Server-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.18.el5.noarch", "5Server-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.2.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.src", "5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.src", "5Server-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el5.src", "5Server-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.noarch", "5Server-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.src", "5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el5.noarch", "5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el5.src", "5Server-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el5.noarch", "5Server-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.noarch", "5Server-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1649" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.1.ep1.el5.src", "5Server-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.src", "5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.src", "5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.src", "5Server-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.src", "5Server-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.noarch", "5Server-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.src", "5Server-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.src", "5Server-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.noarch", "5Server-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.src", "5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el5.src", "5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.src", "5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.noarch", "5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.src", "5Server-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.12.el5.1.noarch", "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.18.el5.noarch", "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.18.el5.src", "5Server-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.18.el5.noarch", "5Server-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.2.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.2.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.src", "5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.src", "5Server-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.src", "5Server-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el5.noarch", "5Server-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el5.src", "5Server-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.noarch", "5Server-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.src", "5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el5.noarch", "5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el5.src", "5Server-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el5.noarch", "5Server-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.noarch", "5Server-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JBoss EAP Twiddle logs the JMX password" } ] }
rhsa-2009_1637
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated JBoss Enterprise Application Platform (JBEAP) 4.2 packages that fix\nmultiple security issues, several bugs, and add enhancements are now\navailable for Red Hat Enterprise Linux 4 as JBEAP 4.2.0.CP08.\n\nThis update has been rated as having moderate security impact by the Red\nHat Security Response Team.", "title": "Topic" }, { "category": "general", "text": "JBoss Enterprise Application Platform is the market leading platform for\ninnovative and scalable Java applications; integrating the JBoss\nApplication Server, with JBoss Hibernate and JBoss Seam into a complete,\nsimple enterprise solution.\n\nThis release of JBEAP for Red Hat Enterprise Linux 4 serves as a\nreplacement to JBEAP 4.2.0.CP07.\n\nThese updated packages include bug fixes and enhancements which are\ndetailed in the Release Notes, available shortly from:\nhttp://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/\n\nThe following security issues are also fixed with this release:\n\nA missing check for the recommended minimum length of the truncated form of\nHMAC-based XML signatures was found in xml-security. An attacker could use\nthis flaw to create a specially-crafted XML file that forges an XML\nsignature, allowing the attacker to bypass authentication that is based on\nthe XML Signature specification. (CVE-2009-0217)\n\nSwatej Kumar discovered cross-site scripting (XSS) flaws in the JBoss\nApplication Server Web Console. An attacker could use these flaws to\npresent misleading data to an authenticated user, or execute arbitrary\nscripting code in the context of the authenticated user\u0027s browser session.\n(CVE-2009-2405)\n\nA flaw was found in the way the Apache Xerces2 Java Parser processed the\nSYSTEM identifier in DTDs. A remote attacker could provide a\nspecially-crafted XML file, which once parsed by an application using the\nApache Xerces2 Java Parser, would lead to a denial of service (application\nhang due to excessive CPU use). (CVE-2009-2625)\n\nAn information leak flaw was found in the twiddle command line client. The\nJMX password was logged in plain text to \"twiddle.log\". (CVE-2009-3554)\n\nAn XSS flaw was found in the JMX Console. An attacker could use this flaw\nto present misleading data to an authenticated user, or execute arbitrary\nscripting code in the context of the authenticated user\u0027s browser session.\n(CVE-2009-1380)\n\nWarning: Before applying this update, please backup the JBEAP\n\"server/[configuration]/deploy/\" directory, and any other customized\nconfiguration files.\n\nAll users of JBEAP 4.2 on Red Hat Enterprise Linux 4 are advised to upgrade\nto these updated packages.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2009:1637", "url": "https://access.redhat.com/errata/RHSA-2009:1637" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "http://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/", "url": "http://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/" }, { "category": "external", "summary": "510023", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=510023" }, { "category": "external", "summary": "511224", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=511224" }, { "category": "external", "summary": "511915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=511915" }, { "category": "external", "summary": "512921", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512921" }, { "category": "external", "summary": "532116", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=532116" }, { "category": "external", "summary": "539495", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=539495" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_1637.json" } ], "title": "Red Hat Security Advisory: JBoss Enterprise Application Platform 4.2.0.CP08 update", "tracking": { "current_release_date": "2024-11-05T17:11:18+00:00", "generator": { "date": "2024-11-05T17:11:18+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2009:1637", "initial_release_date": "2009-12-09T23:32:00+00:00", "revision_history": [ { "date": "2009-12-09T23:32:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2009-12-09T18:32:14+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-05T17:11:18+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product": { "name": "Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:4.2.0::el4" } } }, { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product": { "name": "Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:4.2.0::el4" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" }, { "branches": [ { "category": "product_version", "name": "jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "product": { "name": "jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "product_id": "jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-remoting@2.2.3-3.SP1.ep1.el4?arch=src" } } }, { "category": "product_version", "name": "quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "product": { "name": "quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "product_id": "quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/quartz@1.5.2-1jpp.patch01.ep1.4.el4?arch=src" } } }, { "category": "product_version", "name": "xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src", "product": { "name": "xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src", "product_id": "xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/xml-security@1.3.0-1.3.patch01.ep1.2.el4?arch=src" } } }, { "category": "product_version", "name": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "product": { "name": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "product_id": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-aop@1.5.5-3.CP04.2.ep1.el4?arch=src" } } }, { "category": "product_version", "name": "xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "product": { "name": "xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "product_id": "xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/xerces-j2@2.7.1-9jpp.4.patch_02.1.ep1.el4?arch=src" } } }, { "category": "product_version", "name": "jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "product": { "name": "jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "product_id": "jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jacorb@2.3.0-1jpp.ep1.9.el4?arch=src" } } }, { "category": "product_version", "name": "jgroups-1:2.4.7-1.ep1.el4.src", "product": { "name": "jgroups-1:2.4.7-1.ep1.el4.src", "product_id": "jgroups-1:2.4.7-1.ep1.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jgroups@2.4.7-1.ep1.el4?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "product": { "name": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "product_id": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/hibernate3@3.2.4-1.SP1_CP09.0jpp.ep1.1.el4?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "product": { "name": "hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "product_id": "hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/hibernate3-annotations@3.3.1-1.11.GA_CP02.ep1.el4?arch=src" } } }, { "category": "product_version", "name": "hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "product": { "name": "hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "product_id": "hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/hibernate3-entitymanager@3.3.2-2.5.GA_CP01.ep1.el4?arch=src" } } }, { "category": "product_version", "name": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "product": { "name": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "product_id": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossweb@2.0.0-6.CP12.0jpp.ep1.2.el4?arch=src" } } }, { "category": "product_version", "name": "glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "product": { "name": "glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "product_id": "glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/glassfish-jsf@1.2_13-2.1.ep1.el4?arch=src" } } }, { "category": "product_version", "name": "jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "product": { "name": "jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "product_id": "jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-common@1.2.1-0jpp.ep1.3.el4?arch=src" } } }, { "category": "product_version", "name": "jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "product": { "name": "jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "product_id": "jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jakarta-commons-logging-jboss@1.1-9.ep1.el4?arch=src" } } }, { "category": "product_version", "name": "jcommon-0:1.0.16-1.1.ep1.el4.src", "product": { "name": "jcommon-0:1.0.16-1.1.ep1.el4.src", "product_id": "jcommon-0:1.0.16-1.1.ep1.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jcommon@1.0.16-1.1.ep1.el4?arch=src" } } }, { "category": "product_version", "name": "jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "product": { "name": "jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "product_id": "jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jfreechart@1.0.13-2.3.1.ep1.el4?arch=src" } } }, { "category": "product_version", "name": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "product": { "name": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "product_id": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossts@4.2.3-1.SP5_CP08.1jpp.ep1.1.el4?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.src", "product": { "name": "jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.src", "product_id": "jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas@4.2.0-5.GA_CP08.5.ep1.el4?arch=src" } } }, { "category": "product_version", "name": "jboss-seam-0:1.2.1-1.ep1.22.el4.src", "product": { "name": "jboss-seam-0:1.2.1-1.ep1.22.el4.src", "product_id": "jboss-seam-0:1.2.1-1.ep1.22.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-seam@1.2.1-1.ep1.22.el4?arch=src" } } }, { "category": "product_version", "name": "rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.src", "product": { "name": "rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.src", "product_id": "rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-eap-docs@4.2.0-6.GA_CP08.ep1.3.el4?arch=src" } } }, { "category": "product_version", "name": "glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "product": { "name": "glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "product_id": "glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/glassfish-javamail@1.4.2-0jpp.ep1.5.el4?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "product": { "name": "jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "product_id": "jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-remoting@2.2.3-3.SP1.ep1.el4?arch=noarch" } } }, { "category": "product_version", "name": "quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "product": { "name": "quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "product_id": "quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/quartz@1.5.2-1jpp.patch01.ep1.4.el4?arch=noarch" } } }, { "category": "product_version", "name": "xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "product": { "name": "xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "product_id": "xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/xml-security@1.3.0-1.3.patch01.ep1.2.el4?arch=noarch" } } }, { "category": "product_version", "name": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "product": { "name": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "product_id": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-aop@1.5.5-3.CP04.2.ep1.el4?arch=noarch" } } }, { "category": "product_version", "name": "xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "product": { "name": "xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "product_id": "xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/xerces-j2@2.7.1-9jpp.4.patch_02.1.ep1.el4?arch=noarch" } } }, { "category": "product_version", "name": "jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "product": { "name": "jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "product_id": "jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jacorb@2.3.0-1jpp.ep1.9.el4?arch=noarch" } } }, { "category": "product_version", "name": "jgroups-1:2.4.7-1.ep1.el4.noarch", "product": { "name": "jgroups-1:2.4.7-1.ep1.el4.noarch", "product_id": "jgroups-1:2.4.7-1.ep1.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jgroups@2.4.7-1.ep1.el4?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "product": { "name": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "product_id": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/hibernate3@3.2.4-1.SP1_CP09.0jpp.ep1.1.el4?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "product": { "name": "hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "product_id": "hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/hibernate3-javadoc@3.2.4-1.SP1_CP09.0jpp.ep1.1.el4?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "product": { "name": "hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "product_id": "hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/hibernate3-annotations@3.3.1-1.11.GA_CP02.ep1.el4?arch=noarch" } } }, { "category": "product_version", "name": "hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "product": { "name": "hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "product_id": "hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/hibernate3-annotations-javadoc@3.3.1-1.11.GA_CP02.ep1.el4?arch=noarch" } } }, { "category": "product_version", "name": "hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "product": { "name": "hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "product_id": "hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/hibernate3-entitymanager@3.3.2-2.5.GA_CP01.ep1.el4?arch=noarch" } } }, { "category": "product_version", "name": "hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "product": { "name": "hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "product_id": "hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/hibernate3-entitymanager-javadoc@3.3.2-2.5.GA_CP01.ep1.el4?arch=noarch" } } }, { "category": "product_version", "name": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "product": { "name": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "product_id": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossweb@2.0.0-6.CP12.0jpp.ep1.2.el4?arch=noarch" } } }, { "category": "product_version", "name": "glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "product": { "name": "glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "product_id": "glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/glassfish-jsf@1.2_13-2.1.ep1.el4?arch=noarch" } } }, { "category": "product_version", "name": "jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "product": { "name": "jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "product_id": "jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-common@1.2.1-0jpp.ep1.3.el4?arch=noarch" } } }, { "category": "product_version", "name": "jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "product": { "name": "jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "product_id": "jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jakarta-commons-logging-jboss@1.1-9.ep1.el4?arch=noarch" } } }, { "category": "product_version", "name": "jcommon-0:1.0.16-1.1.ep1.el4.noarch", "product": { "name": "jcommon-0:1.0.16-1.1.ep1.el4.noarch", "product_id": "jcommon-0:1.0.16-1.1.ep1.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jcommon@1.0.16-1.1.ep1.el4?arch=noarch" } } }, { "category": "product_version", "name": "jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "product": { "name": "jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "product_id": "jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jfreechart@1.0.13-2.3.1.ep1.el4?arch=noarch" } } }, { "category": "product_version", "name": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "product": { "name": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "product_id": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossts@4.2.3-1.SP5_CP08.1jpp.ep1.1.el4?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "product": { "name": "jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "product_id": "jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas@4.2.0-5.GA_CP08.5.ep1.el4?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-client-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "product": { "name": "jbossas-client-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "product_id": "jbossas-client-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-client@4.2.0-5.GA_CP08.5.ep1.el4?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "product": { "name": "jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "product_id": "jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-4.2.0.GA_CP08-bin@4.2.0-5.GA_CP08.5.ep1.el4?arch=noarch" } } }, { "category": "product_version", "name": "jboss-seam-0:1.2.1-1.ep1.22.el4.noarch", "product": { "name": "jboss-seam-0:1.2.1-1.ep1.22.el4.noarch", "product_id": "jboss-seam-0:1.2.1-1.ep1.22.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-seam@1.2.1-1.ep1.22.el4?arch=noarch" } } }, { "category": "product_version", "name": "jboss-seam-docs-0:1.2.1-1.ep1.22.el4.noarch", "product": { "name": "jboss-seam-docs-0:1.2.1-1.ep1.22.el4.noarch", "product_id": "jboss-seam-docs-0:1.2.1-1.ep1.22.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-seam-docs@1.2.1-1.ep1.22.el4?arch=noarch" } } }, { "category": "product_version", "name": "rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "product": { "name": "rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "product_id": "rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-eap-docs@4.2.0-6.GA_CP08.ep1.3.el4?arch=noarch" } } }, { "category": "product_version", "name": "rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "product": { "name": "rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "product_id": "rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-eap-docs-examples@4.2.0-6.GA_CP08.ep1.3.el4?arch=noarch" } } }, { "category": "product_version", "name": "glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "product": { "name": "glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "product_id": "glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/glassfish-javamail@1.4.2-0jpp.ep1.5.el4?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch" }, "product_reference": "glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src" }, "product_reference": "glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch" }, "product_reference": "glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "glassfish-jsf-0:1.2_13-2.1.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src" }, "product_reference": "glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch" }, "product_reference": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src" }, "product_reference": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch" }, "product_reference": "hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src" }, "product_reference": "hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch" }, "product_reference": "hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch" }, "product_reference": "hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src" }, "product_reference": "hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch" }, "product_reference": "hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch" }, "product_reference": "hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch" }, "product_reference": "jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jacorb-0:2.3.0-1jpp.ep1.9.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.src" }, "product_reference": "jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch" }, "product_reference": "jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src" }, "product_reference": "jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch" }, "product_reference": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src" }, "product_reference": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch" }, "product_reference": "jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-common-0:1.2.1-0jpp.ep1.3.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src" }, "product_reference": "jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch" }, "product_reference": "jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src" }, "product_reference": "jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-seam-0:1.2.1-1.ep1.22.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.noarch" }, "product_reference": "jboss-seam-0:1.2.1-1.ep1.22.el4.noarch", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-seam-0:1.2.1-1.ep1.22.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.src" }, "product_reference": "jboss-seam-0:1.2.1-1.ep1.22.el4.src", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-seam-docs-0:1.2.1-1.ep1.22.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.22.el4.noarch" }, "product_reference": "jboss-seam-docs-0:1.2.1-1.ep1.22.el4.noarch", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch" }, "product_reference": "jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.src" }, "product_reference": "jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.src", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch" }, "product_reference": "jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-client-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:jbossas-client-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch" }, "product_reference": "jbossas-client-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch" }, "product_reference": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src" }, "product_reference": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch" }, "product_reference": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src" }, "product_reference": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jcommon-0:1.0.16-1.1.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.noarch" }, "product_reference": "jcommon-0:1.0.16-1.1.ep1.el4.noarch", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jcommon-0:1.0.16-1.1.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.src" }, "product_reference": "jcommon-0:1.0.16-1.1.ep1.el4.src", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch" }, "product_reference": "jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jfreechart-0:1.0.13-2.3.1.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.src" }, "product_reference": "jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jgroups-1:2.4.7-1.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:jgroups-1:2.4.7-1.ep1.el4.noarch" }, "product_reference": "jgroups-1:2.4.7-1.ep1.el4.noarch", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jgroups-1:2.4.7-1.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:jgroups-1:2.4.7-1.ep1.el4.src" }, "product_reference": "jgroups-1:2.4.7-1.ep1.el4.src", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch" }, "product_reference": "quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src" }, "product_reference": "quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch" }, "product_reference": "rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.src" }, "product_reference": "rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.src", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch" }, "product_reference": "rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch" }, "product_reference": "xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src" }, "product_reference": "xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch" }, "product_reference": "xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", "product_id": "4AS-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src" }, "product_reference": "xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src", "relates_to_product_reference": "4AS-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch" }, "product_reference": "glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src" }, "product_reference": "glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch" }, "product_reference": "glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "glassfish-jsf-0:1.2_13-2.1.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src" }, "product_reference": "glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch" }, "product_reference": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src" }, "product_reference": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch" }, "product_reference": "hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src" }, "product_reference": "hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch" }, "product_reference": "hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch" }, "product_reference": "hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src" }, "product_reference": "hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch" }, "product_reference": "hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch" }, "product_reference": "hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch" }, "product_reference": "jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jacorb-0:2.3.0-1jpp.ep1.9.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.src" }, "product_reference": "jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch" }, "product_reference": "jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src" }, "product_reference": "jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch" }, "product_reference": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src" }, "product_reference": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch" }, "product_reference": "jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-common-0:1.2.1-0jpp.ep1.3.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src" }, "product_reference": "jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch" }, "product_reference": "jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src" }, "product_reference": "jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-seam-0:1.2.1-1.ep1.22.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.noarch" }, "product_reference": "jboss-seam-0:1.2.1-1.ep1.22.el4.noarch", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-seam-0:1.2.1-1.ep1.22.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.src" }, "product_reference": "jboss-seam-0:1.2.1-1.ep1.22.el4.src", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-seam-docs-0:1.2.1-1.ep1.22.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.22.el4.noarch" }, "product_reference": "jboss-seam-docs-0:1.2.1-1.ep1.22.el4.noarch", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch" }, "product_reference": "jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.src" }, "product_reference": "jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.src", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch" }, "product_reference": "jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-client-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:jbossas-client-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch" }, "product_reference": "jbossas-client-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch" }, "product_reference": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src" }, "product_reference": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch" }, "product_reference": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src" }, "product_reference": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jcommon-0:1.0.16-1.1.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.noarch" }, "product_reference": "jcommon-0:1.0.16-1.1.ep1.el4.noarch", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jcommon-0:1.0.16-1.1.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.src" }, "product_reference": "jcommon-0:1.0.16-1.1.ep1.el4.src", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch" }, "product_reference": "jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jfreechart-0:1.0.13-2.3.1.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.src" }, "product_reference": "jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jgroups-1:2.4.7-1.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:jgroups-1:2.4.7-1.ep1.el4.noarch" }, "product_reference": "jgroups-1:2.4.7-1.ep1.el4.noarch", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "jgroups-1:2.4.7-1.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:jgroups-1:2.4.7-1.ep1.el4.src" }, "product_reference": "jgroups-1:2.4.7-1.ep1.el4.src", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch" }, "product_reference": "quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src" }, "product_reference": "quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch" }, "product_reference": "rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.src" }, "product_reference": "rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.src", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch" }, "product_reference": "rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch" }, "product_reference": "xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src" }, "product_reference": "xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch" }, "product_reference": "xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "relates_to_product_reference": "4ES-JBEAP" }, { "category": "default_component_of", "full_product_name": { "name": "xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", "product_id": "4ES-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src" }, "product_reference": "xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src", "relates_to_product_reference": "4ES-JBEAP" } ] }, "vulnerabilities": [ { "cve": "CVE-2009-0217", "discovery_date": "2009-07-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "511915" } ], "notes": [ { "category": "description", "text": "The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, and 8.1 SP6; (3) Mono before 2.4.2.2; (4) XML Security Library before 1.2.12; (5) IBM WebSphere Application Server Versions 6.0 through 6.0.2.33, 6.1 through 6.1.0.23, and 7.0 through 7.0.0.1; (6) Sun JDK and JRE Update 14 and earlier; (7) Microsoft .NET Framework 3.0 through 3.0 SP2, 3.5, and 4.0; and other products uses a parameter that defines an HMAC truncation length (HMACOutputLength) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits.", "title": "Vulnerability description" }, { "category": "summary", "text": "xml-security-1.3.0-1jpp.ep1.*: XMLDsig HMAC-based signatures spoofing and authentication bypass", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4AS-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4AS-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4AS-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4AS-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4AS-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4AS-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4AS-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4AS-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4AS-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4AS-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4AS-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.noarch", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.src", "4AS-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.22.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.src", "4AS-JBEAP:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4AS-JBEAP:jbossas-client-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4AS-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4AS-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4AS-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4AS-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.src", "4AS-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4AS-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4AS-JBEAP:jgroups-1:2.4.7-1.ep1.el4.noarch", "4AS-JBEAP:jgroups-1:2.4.7-1.ep1.el4.src", "4AS-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4AS-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4AS-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4AS-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.src", "4AS-JBEAP:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4AS-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4AS-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src", "4ES-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4ES-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4ES-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4ES-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4ES-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4ES-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4ES-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4ES-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4ES-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4ES-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4ES-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4ES-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.noarch", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.src", "4ES-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.22.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.src", "4ES-JBEAP:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4ES-JBEAP:jbossas-client-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4ES-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4ES-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4ES-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4ES-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.src", "4ES-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4ES-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4ES-JBEAP:jgroups-1:2.4.7-1.ep1.el4.noarch", "4ES-JBEAP:jgroups-1:2.4.7-1.ep1.el4.src", "4ES-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4ES-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4ES-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4ES-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.src", "4ES-JBEAP:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4ES-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4ES-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-0217" }, { "category": "external", "summary": "RHBZ#511915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=511915" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-0217", "url": "https://www.cve.org/CVERecord?id=CVE-2009-0217" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-0217", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0217" } ], "release_date": "2009-07-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-12-09T23:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4AS-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4AS-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4AS-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4AS-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4AS-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4AS-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4AS-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4AS-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4AS-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4AS-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4AS-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.noarch", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.src", "4AS-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.22.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.src", "4AS-JBEAP:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4AS-JBEAP:jbossas-client-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4AS-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4AS-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4AS-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4AS-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.src", "4AS-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4AS-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4AS-JBEAP:jgroups-1:2.4.7-1.ep1.el4.noarch", "4AS-JBEAP:jgroups-1:2.4.7-1.ep1.el4.src", "4AS-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4AS-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4AS-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4AS-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.src", "4AS-JBEAP:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4AS-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4AS-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src", "4ES-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4ES-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4ES-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4ES-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4ES-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4ES-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4ES-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4ES-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4ES-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4ES-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4ES-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4ES-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.noarch", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.src", "4ES-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.22.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.src", "4ES-JBEAP:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4ES-JBEAP:jbossas-client-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4ES-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4ES-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4ES-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4ES-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.src", "4ES-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4ES-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4ES-JBEAP:jgroups-1:2.4.7-1.ep1.el4.noarch", "4ES-JBEAP:jgroups-1:2.4.7-1.ep1.el4.src", "4ES-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4ES-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4ES-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4ES-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.src", "4ES-JBEAP:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4ES-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4ES-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1637" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "4AS-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4AS-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4AS-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4AS-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4AS-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4AS-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4AS-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4AS-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4AS-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4AS-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4AS-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4AS-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.noarch", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.src", "4AS-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.22.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.src", "4AS-JBEAP:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4AS-JBEAP:jbossas-client-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4AS-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4AS-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4AS-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4AS-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.src", "4AS-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4AS-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4AS-JBEAP:jgroups-1:2.4.7-1.ep1.el4.noarch", "4AS-JBEAP:jgroups-1:2.4.7-1.ep1.el4.src", "4AS-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4AS-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4AS-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4AS-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.src", "4AS-JBEAP:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4AS-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4AS-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src", "4ES-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4ES-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4ES-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4ES-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4ES-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4ES-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4ES-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4ES-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4ES-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4ES-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4ES-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4ES-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.noarch", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.src", "4ES-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.22.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.src", "4ES-JBEAP:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4ES-JBEAP:jbossas-client-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4ES-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4ES-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4ES-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4ES-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.src", "4ES-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4ES-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4ES-JBEAP:jgroups-1:2.4.7-1.ep1.el4.noarch", "4ES-JBEAP:jgroups-1:2.4.7-1.ep1.el4.src", "4ES-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4ES-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4ES-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4ES-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.src", "4ES-JBEAP:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4ES-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4ES-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "xml-security-1.3.0-1jpp.ep1.*: XMLDsig HMAC-based signatures spoofing and authentication bypass" }, { "cve": "CVE-2009-1380", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2009-05-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "511224" } ], "notes": [ { "category": "description", "text": "Cross-site scripting (XSS) vulnerability in JMX-Console in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP08 and 4.3 before 4.3.0.CP07 allows remote attackers to inject arbitrary web script or HTML via the filter parameter, related to the key property and the position of quote and colon characters.", "title": "Vulnerability description" }, { "category": "summary", "text": "jbossas JMX-Console cross-site-scripting in filter parameter", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4AS-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4AS-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4AS-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4AS-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4AS-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4AS-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4AS-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4AS-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4AS-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4AS-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4AS-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.noarch", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.src", "4AS-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.22.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.src", "4AS-JBEAP:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4AS-JBEAP:jbossas-client-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4AS-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4AS-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4AS-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4AS-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.src", "4AS-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4AS-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4AS-JBEAP:jgroups-1:2.4.7-1.ep1.el4.noarch", "4AS-JBEAP:jgroups-1:2.4.7-1.ep1.el4.src", "4AS-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4AS-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4AS-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4AS-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.src", "4AS-JBEAP:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4AS-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4AS-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src", "4ES-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4ES-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4ES-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4ES-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4ES-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4ES-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4ES-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4ES-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4ES-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4ES-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4ES-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4ES-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.noarch", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.src", "4ES-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.22.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.src", "4ES-JBEAP:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4ES-JBEAP:jbossas-client-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4ES-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4ES-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4ES-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4ES-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.src", "4ES-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4ES-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4ES-JBEAP:jgroups-1:2.4.7-1.ep1.el4.noarch", "4ES-JBEAP:jgroups-1:2.4.7-1.ep1.el4.src", "4ES-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4ES-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4ES-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4ES-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.src", "4ES-JBEAP:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4ES-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4ES-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-1380" }, { "category": "external", "summary": "RHBZ#511224", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=511224" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-1380", "url": "https://www.cve.org/CVERecord?id=CVE-2009-1380" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1380", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1380" } ], "release_date": "2009-12-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-12-09T23:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4AS-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4AS-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4AS-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4AS-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4AS-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4AS-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4AS-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4AS-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4AS-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4AS-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4AS-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.noarch", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.src", "4AS-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.22.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.src", "4AS-JBEAP:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4AS-JBEAP:jbossas-client-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4AS-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4AS-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4AS-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4AS-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.src", "4AS-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4AS-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4AS-JBEAP:jgroups-1:2.4.7-1.ep1.el4.noarch", "4AS-JBEAP:jgroups-1:2.4.7-1.ep1.el4.src", "4AS-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4AS-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4AS-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4AS-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.src", "4AS-JBEAP:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4AS-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4AS-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src", "4ES-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4ES-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4ES-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4ES-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4ES-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4ES-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4ES-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4ES-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4ES-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4ES-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4ES-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4ES-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.noarch", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.src", "4ES-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.22.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.src", "4ES-JBEAP:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4ES-JBEAP:jbossas-client-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4ES-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4ES-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4ES-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4ES-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.src", "4ES-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4ES-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4ES-JBEAP:jgroups-1:2.4.7-1.ep1.el4.noarch", "4ES-JBEAP:jgroups-1:2.4.7-1.ep1.el4.src", "4ES-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4ES-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4ES-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4ES-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.src", "4ES-JBEAP:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4ES-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4ES-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1637" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "4AS-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4AS-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4AS-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4AS-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4AS-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4AS-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4AS-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4AS-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4AS-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4AS-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4AS-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4AS-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.noarch", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.src", "4AS-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.22.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.src", "4AS-JBEAP:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4AS-JBEAP:jbossas-client-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4AS-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4AS-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4AS-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4AS-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.src", "4AS-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4AS-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4AS-JBEAP:jgroups-1:2.4.7-1.ep1.el4.noarch", "4AS-JBEAP:jgroups-1:2.4.7-1.ep1.el4.src", "4AS-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4AS-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4AS-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4AS-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.src", "4AS-JBEAP:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4AS-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4AS-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src", "4ES-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4ES-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4ES-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4ES-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4ES-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4ES-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4ES-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4ES-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4ES-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4ES-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4ES-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4ES-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.noarch", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.src", "4ES-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.22.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.src", "4ES-JBEAP:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4ES-JBEAP:jbossas-client-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4ES-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4ES-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4ES-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4ES-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.src", "4ES-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4ES-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4ES-JBEAP:jgroups-1:2.4.7-1.ep1.el4.noarch", "4ES-JBEAP:jgroups-1:2.4.7-1.ep1.el4.src", "4ES-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4ES-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4ES-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4ES-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.src", "4ES-JBEAP:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4ES-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4ES-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jbossas JMX-Console cross-site-scripting in filter parameter" }, { "cve": "CVE-2009-2405", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2009-07-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "510023" } ], "notes": [ { "category": "description", "text": "Multiple cross-site scripting (XSS) vulnerabilities in the Web Console in the Application Server in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2.0 before 4.2.0.CP08, 4.2.2GA, 4.3 before 4.3.0.CP07, and 5.1.0GA allow remote attackers to inject arbitrary web script or HTML via the (1) monitorName, (2) objectName, (3) attribute, or (4) period parameter to createSnapshot.jsp, or the (5) monitorName, (6) objectName, (7) attribute, (8) threshold, (9) period, or (10) enabled parameter to createThresholdMonitor.jsp. NOTE: some of these details are obtained from third party information.", "title": "Vulnerability description" }, { "category": "summary", "text": "JBoss Application Server Web Console XSS", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw does not affect Red Hat JBoss Enterprise Application Platform 5 or 6. Older versions of the community JBoss Application Server 5.x may be affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4AS-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4AS-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4AS-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4AS-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4AS-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4AS-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4AS-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4AS-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4AS-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4AS-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4AS-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.noarch", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.src", "4AS-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.22.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.src", "4AS-JBEAP:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4AS-JBEAP:jbossas-client-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4AS-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4AS-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4AS-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4AS-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.src", "4AS-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4AS-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4AS-JBEAP:jgroups-1:2.4.7-1.ep1.el4.noarch", "4AS-JBEAP:jgroups-1:2.4.7-1.ep1.el4.src", "4AS-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4AS-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4AS-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4AS-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.src", "4AS-JBEAP:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4AS-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4AS-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src", "4ES-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4ES-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4ES-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4ES-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4ES-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4ES-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4ES-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4ES-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4ES-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4ES-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4ES-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4ES-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.noarch", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.src", "4ES-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.22.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.src", "4ES-JBEAP:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4ES-JBEAP:jbossas-client-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4ES-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4ES-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4ES-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4ES-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.src", "4ES-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4ES-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4ES-JBEAP:jgroups-1:2.4.7-1.ep1.el4.noarch", "4ES-JBEAP:jgroups-1:2.4.7-1.ep1.el4.src", "4ES-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4ES-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4ES-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4ES-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.src", "4ES-JBEAP:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4ES-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4ES-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2405" }, { "category": "external", "summary": "RHBZ#510023", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=510023" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2405", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2405" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2405", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2405" } ], "release_date": "2009-07-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-12-09T23:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4AS-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4AS-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4AS-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4AS-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4AS-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4AS-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4AS-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4AS-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4AS-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4AS-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4AS-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.noarch", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.src", "4AS-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.22.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.src", "4AS-JBEAP:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4AS-JBEAP:jbossas-client-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4AS-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4AS-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4AS-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4AS-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.src", "4AS-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4AS-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4AS-JBEAP:jgroups-1:2.4.7-1.ep1.el4.noarch", "4AS-JBEAP:jgroups-1:2.4.7-1.ep1.el4.src", "4AS-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4AS-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4AS-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4AS-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.src", "4AS-JBEAP:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4AS-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4AS-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src", "4ES-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4ES-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4ES-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4ES-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4ES-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4ES-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4ES-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4ES-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4ES-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4ES-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4ES-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4ES-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.noarch", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.src", "4ES-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.22.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.src", "4ES-JBEAP:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4ES-JBEAP:jbossas-client-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4ES-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4ES-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4ES-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4ES-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.src", "4ES-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4ES-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4ES-JBEAP:jgroups-1:2.4.7-1.ep1.el4.noarch", "4ES-JBEAP:jgroups-1:2.4.7-1.ep1.el4.src", "4ES-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4ES-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4ES-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4ES-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.src", "4ES-JBEAP:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4ES-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4ES-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1637" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "4AS-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4AS-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4AS-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4AS-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4AS-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4AS-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4AS-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4AS-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4AS-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4AS-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4AS-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4AS-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.noarch", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.src", "4AS-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.22.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.src", "4AS-JBEAP:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4AS-JBEAP:jbossas-client-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4AS-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4AS-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4AS-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4AS-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.src", "4AS-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4AS-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4AS-JBEAP:jgroups-1:2.4.7-1.ep1.el4.noarch", "4AS-JBEAP:jgroups-1:2.4.7-1.ep1.el4.src", "4AS-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4AS-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4AS-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4AS-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.src", "4AS-JBEAP:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4AS-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4AS-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src", "4ES-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4ES-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4ES-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4ES-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4ES-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4ES-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4ES-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4ES-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4ES-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4ES-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4ES-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4ES-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.noarch", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.src", "4ES-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.22.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.src", "4ES-JBEAP:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4ES-JBEAP:jbossas-client-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4ES-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4ES-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4ES-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4ES-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.src", "4ES-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4ES-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4ES-JBEAP:jgroups-1:2.4.7-1.ep1.el4.noarch", "4ES-JBEAP:jgroups-1:2.4.7-1.ep1.el4.src", "4ES-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4ES-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4ES-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4ES-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.src", "4ES-JBEAP:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4ES-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4ES-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JBoss Application Server Web Console XSS" }, { "cve": "CVE-2009-2625", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512921" } ], "notes": [ { "category": "description", "text": "XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: XML parsing Denial-Of-Service (6845701)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4AS-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4AS-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4AS-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4AS-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4AS-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4AS-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4AS-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4AS-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4AS-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4AS-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4AS-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.noarch", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.src", "4AS-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.22.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.src", "4AS-JBEAP:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4AS-JBEAP:jbossas-client-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4AS-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4AS-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4AS-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4AS-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.src", "4AS-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4AS-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4AS-JBEAP:jgroups-1:2.4.7-1.ep1.el4.noarch", "4AS-JBEAP:jgroups-1:2.4.7-1.ep1.el4.src", "4AS-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4AS-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4AS-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4AS-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.src", "4AS-JBEAP:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4AS-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4AS-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src", "4ES-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4ES-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4ES-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4ES-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4ES-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4ES-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4ES-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4ES-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4ES-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4ES-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4ES-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4ES-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.noarch", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.src", "4ES-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.22.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.src", "4ES-JBEAP:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4ES-JBEAP:jbossas-client-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4ES-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4ES-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4ES-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4ES-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.src", "4ES-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4ES-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4ES-JBEAP:jgroups-1:2.4.7-1.ep1.el4.noarch", "4ES-JBEAP:jgroups-1:2.4.7-1.ep1.el4.src", "4ES-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4ES-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4ES-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4ES-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.src", "4ES-JBEAP:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4ES-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4ES-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2625" }, { "category": "external", "summary": "RHBZ#512921", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512921" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2625", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2625" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2625", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2625" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-12-09T23:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4AS-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4AS-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4AS-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4AS-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4AS-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4AS-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4AS-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4AS-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4AS-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4AS-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4AS-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.noarch", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.src", "4AS-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.22.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.src", "4AS-JBEAP:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4AS-JBEAP:jbossas-client-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4AS-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4AS-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4AS-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4AS-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.src", "4AS-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4AS-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4AS-JBEAP:jgroups-1:2.4.7-1.ep1.el4.noarch", "4AS-JBEAP:jgroups-1:2.4.7-1.ep1.el4.src", "4AS-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4AS-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4AS-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4AS-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.src", "4AS-JBEAP:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4AS-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4AS-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src", "4ES-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4ES-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4ES-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4ES-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4ES-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4ES-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4ES-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4ES-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4ES-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4ES-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4ES-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4ES-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.noarch", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.src", "4ES-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.22.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.src", "4ES-JBEAP:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4ES-JBEAP:jbossas-client-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4ES-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4ES-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4ES-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4ES-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.src", "4ES-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4ES-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4ES-JBEAP:jgroups-1:2.4.7-1.ep1.el4.noarch", "4ES-JBEAP:jgroups-1:2.4.7-1.ep1.el4.src", "4ES-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4ES-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4ES-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4ES-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.src", "4ES-JBEAP:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4ES-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4ES-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1637" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "4AS-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4AS-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4AS-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4AS-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4AS-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4AS-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4AS-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4AS-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4AS-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4AS-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4AS-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4AS-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.noarch", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.src", "4AS-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.22.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.src", "4AS-JBEAP:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4AS-JBEAP:jbossas-client-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4AS-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4AS-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4AS-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4AS-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.src", "4AS-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4AS-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4AS-JBEAP:jgroups-1:2.4.7-1.ep1.el4.noarch", "4AS-JBEAP:jgroups-1:2.4.7-1.ep1.el4.src", "4AS-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4AS-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4AS-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4AS-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.src", "4AS-JBEAP:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4AS-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4AS-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src", "4ES-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4ES-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4ES-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4ES-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4ES-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4ES-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4ES-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4ES-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4ES-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4ES-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4ES-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4ES-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.noarch", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.src", "4ES-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.22.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.src", "4ES-JBEAP:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4ES-JBEAP:jbossas-client-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4ES-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4ES-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4ES-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4ES-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.src", "4ES-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4ES-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4ES-JBEAP:jgroups-1:2.4.7-1.ep1.el4.noarch", "4ES-JBEAP:jgroups-1:2.4.7-1.ep1.el4.src", "4ES-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4ES-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4ES-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4ES-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.src", "4ES-JBEAP:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4ES-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4ES-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: XML parsing Denial-Of-Service (6845701)" }, { "cve": "CVE-2009-3554", "discovery_date": "2009-10-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "539495" } ], "notes": [ { "category": "description", "text": "Twiddle in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP08 and 4.3 before 4.3.0.CP07 writes the JMX password, and other command-line arguments, to the twiddle.log file, which allows local users to obtain sensitive information by reading this file.", "title": "Vulnerability description" }, { "category": "summary", "text": "JBoss EAP Twiddle logs the JMX password", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4AS-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4AS-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4AS-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4AS-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4AS-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4AS-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4AS-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4AS-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4AS-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4AS-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4AS-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.noarch", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.src", "4AS-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.22.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.src", "4AS-JBEAP:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4AS-JBEAP:jbossas-client-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4AS-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4AS-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4AS-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4AS-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.src", "4AS-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4AS-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4AS-JBEAP:jgroups-1:2.4.7-1.ep1.el4.noarch", "4AS-JBEAP:jgroups-1:2.4.7-1.ep1.el4.src", "4AS-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4AS-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4AS-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4AS-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.src", "4AS-JBEAP:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4AS-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4AS-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src", "4ES-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4ES-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4ES-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4ES-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4ES-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4ES-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4ES-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4ES-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4ES-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4ES-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4ES-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4ES-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.noarch", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.src", "4ES-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.22.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.src", "4ES-JBEAP:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4ES-JBEAP:jbossas-client-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4ES-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4ES-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4ES-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4ES-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.src", "4ES-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4ES-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4ES-JBEAP:jgroups-1:2.4.7-1.ep1.el4.noarch", "4ES-JBEAP:jgroups-1:2.4.7-1.ep1.el4.src", "4ES-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4ES-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4ES-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4ES-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.src", "4ES-JBEAP:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4ES-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4ES-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-3554" }, { "category": "external", "summary": "RHBZ#539495", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=539495" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3554", "url": "https://www.cve.org/CVERecord?id=CVE-2009-3554" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3554", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3554" } ], "release_date": "2009-10-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-12-09T23:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4AS-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4AS-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4AS-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4AS-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4AS-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4AS-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4AS-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4AS-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4AS-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4AS-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4AS-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.noarch", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.src", "4AS-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.22.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.src", "4AS-JBEAP:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4AS-JBEAP:jbossas-client-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4AS-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4AS-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4AS-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4AS-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.src", "4AS-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4AS-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4AS-JBEAP:jgroups-1:2.4.7-1.ep1.el4.noarch", "4AS-JBEAP:jgroups-1:2.4.7-1.ep1.el4.src", "4AS-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4AS-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4AS-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4AS-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.src", "4AS-JBEAP:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4AS-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4AS-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src", "4ES-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4ES-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4ES-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4ES-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4ES-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4ES-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4ES-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4ES-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4ES-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4ES-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4ES-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4ES-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.noarch", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.src", "4ES-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.22.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.src", "4ES-JBEAP:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4ES-JBEAP:jbossas-client-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4ES-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4ES-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4ES-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4ES-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.src", "4ES-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4ES-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4ES-JBEAP:jgroups-1:2.4.7-1.ep1.el4.noarch", "4ES-JBEAP:jgroups-1:2.4.7-1.ep1.el4.src", "4ES-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4ES-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4ES-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4ES-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.src", "4ES-JBEAP:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4ES-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4ES-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1637" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "4AS-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4AS-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4AS-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4AS-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4AS-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4AS-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4AS-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4AS-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4AS-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4AS-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4AS-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4AS-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.noarch", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.src", "4AS-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.22.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.src", "4AS-JBEAP:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4AS-JBEAP:jbossas-client-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4AS-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4AS-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4AS-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4AS-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.src", "4AS-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4AS-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4AS-JBEAP:jgroups-1:2.4.7-1.ep1.el4.noarch", "4AS-JBEAP:jgroups-1:2.4.7-1.ep1.el4.src", "4AS-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4AS-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4AS-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4AS-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.src", "4AS-JBEAP:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4AS-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4AS-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src", "4ES-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4ES-JBEAP:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4ES-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4ES-JBEAP:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4ES-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4ES-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4ES-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4ES-JBEAP:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4ES-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4ES-JBEAP:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4ES-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4ES-JBEAP:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.noarch", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.22.el4.src", "4ES-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.22.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-5.GA_CP08.5.ep1.el4.src", "4ES-JBEAP:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4ES-JBEAP:jbossas-client-0:4.2.0-5.GA_CP08.5.ep1.el4.noarch", "4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4ES-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4ES-JBEAP:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4ES-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4ES-JBEAP:jcommon-0:1.0.16-1.1.ep1.el4.src", "4ES-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4ES-JBEAP:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4ES-JBEAP:jgroups-1:2.4.7-1.ep1.el4.noarch", "4ES-JBEAP:jgroups-1:2.4.7-1.ep1.el4.src", "4ES-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4ES-JBEAP:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4ES-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4ES-JBEAP:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el4.src", "4ES-JBEAP:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el4.noarch", "4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4ES-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4ES-JBEAP:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JBoss EAP Twiddle logs the JMX password" } ] }
rhsa-2009_1200
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated java-1.6.0-sun packages that correct several security issues are\nnow available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.\n\nThis update has been rated as having critical security impact by the Red\nHat Security Response Team.", "title": "Topic" }, { "category": "general", "text": "The Sun 1.6.0 Java release includes the Sun Java 6 Runtime Environment and\nthe Sun Java 6 Software Development Kit.\n\nThis update fixes several vulnerabilities in the Sun Java 6 Runtime\nEnvironment and the Sun Java 6 Software Development Kit. These\nvulnerabilities are summarized on the \"Advance notification of Security\nUpdates for Java SE\" page from Sun Microsystems, listed in the References\nsection. (CVE-2009-0217, CVE-2009-2475, CVE-2009-2476, CVE-2009-2625,\nCVE-2009-2670, CVE-2009-2671, CVE-2009-2672, CVE-2009-2673, CVE-2009-2674,\nCVE-2009-2675, CVE-2009-2676, CVE-2009-2690)\n\nUsers of java-1.6.0-sun should upgrade to these updated packages, which\ncorrect these issues. All running instances of Sun Java must be restarted\nfor the update to take effect.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2009:1200", "url": "https://access.redhat.com/errata/RHSA-2009:1200" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "http://blogs.sun.com/security/entry/advance_notification_of_security_updates5", "url": "http://blogs.sun.com/security/entry/advance_notification_of_security_updates5" }, { "category": "external", "summary": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125139-16-1", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125139-16-1" }, { "category": "external", "summary": "511915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=511915" }, { "category": "external", "summary": "512896", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512896" }, { "category": "external", "summary": "512907", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512907" }, { "category": "external", "summary": "512914", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512914" }, { "category": "external", "summary": "512915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512915" }, { "category": "external", "summary": "512920", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512920" }, { "category": "external", "summary": "512921", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512921" }, { "category": "external", "summary": "513215", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513215" }, { "category": "external", "summary": "513220", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513220" }, { "category": "external", "summary": "513223", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513223" }, { "category": "external", "summary": "515890", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=515890" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_1200.json" } ], "title": "Red Hat Security Advisory: java-1.6.0-sun security update", "tracking": { "current_release_date": "2024-11-05T17:07:53+00:00", "generator": { "date": "2024-11-05T17:07:53+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2009:1200", "initial_release_date": "2009-08-06T20:41:00+00:00", "revision_history": [ { "date": "2009-08-06T20:41:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2009-08-06T16:41:36+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-05T17:07:53+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AS version 4 Extras", "product": { "name": "Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:4" } } }, { "category": "product_name", "name": "Red Hat Desktop version 4 Extras", "product": { "name": "Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:4" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux ES version 4 Extras", "product": { "name": "Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:4" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux WS version 4 Extras", "product": { "name": "Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:4" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product": { "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:5::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Supplementary (v. 5)", "product": { "name": "Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:5::server" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux Supplementary" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "product": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "product_id": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-jdbc@1.6.0.15-1jpp.1.el4?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "product": { "name": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "product_id": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-src@1.6.0.15-1jpp.1.el4?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "product": { "name": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "product_id": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-demo@1.6.0.15-1jpp.1.el4?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "product": { "name": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "product_id": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.15-1jpp.1.el4?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "product": { "name": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "product_id": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.15-1jpp.1.el4?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "product": { "name": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "product_id": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-plugin@1.6.0.15-1jpp.1.el4?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "product": { "name": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "product_id": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-plugin@1.6.0.15-1jpp.1.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "product": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "product_id": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-jdbc@1.6.0.15-1jpp.1.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "product": { "name": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "product_id": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-src@1.6.0.15-1jpp.1.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "product": { "name": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "product_id": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-demo@1.6.0.15-1jpp.1.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "product": { "name": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "product_id": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.15-1jpp.1.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "product": { "name": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "product_id": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.15-1jpp.1.el5?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "product": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "product_id": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-jdbc@1.6.0.15-1jpp.1.el4?arch=i586\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "product": { "name": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "product_id": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-src@1.6.0.15-1jpp.1.el4?arch=i586\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "product": { "name": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "product_id": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-demo@1.6.0.15-1jpp.1.el4?arch=i586\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "product": { "name": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "product_id": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.15-1jpp.1.el4?arch=i586\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "product": { "name": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "product_id": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.15-1jpp.1.el4?arch=i586\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "product": { "name": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "product_id": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-plugin@1.6.0.15-1jpp.1.el4?arch=i586\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "product": { "name": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "product_id": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-plugin@1.6.0.15-1jpp.1.el5?arch=i586\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "product": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "product_id": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-jdbc@1.6.0.15-1jpp.1.el5?arch=i586\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "product": { "name": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "product_id": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-src@1.6.0.15-1jpp.1.el5?arch=i586\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "product": { "name": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "product_id": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-demo@1.6.0.15-1jpp.1.el5?arch=i586\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "product": { "name": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "product_id": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.15-1jpp.1.el5?arch=i586\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "product": { "name": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "product_id": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.15-1jpp.1.el5?arch=i586\u0026epoch=1" } } } ], "category": "architecture", "name": "i586" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586" }, "product_reference": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586" }, "product_reference": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586" }, "product_reference": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586" }, "product_reference": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary" } ] }, "vulnerabilities": [ { "cve": "CVE-2009-0217", "discovery_date": "2009-07-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "511915" } ], "notes": [ { "category": "description", "text": "The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, and 8.1 SP6; (3) Mono before 2.4.2.2; (4) XML Security Library before 1.2.12; (5) IBM WebSphere Application Server Versions 6.0 through 6.0.2.33, 6.1 through 6.1.0.23, and 7.0 through 7.0.0.1; (6) Sun JDK and JRE Update 14 and earlier; (7) Microsoft .NET Framework 3.0 through 3.0 SP2, 3.5, and 4.0; and other products uses a parameter that defines an HMAC truncation length (HMACOutputLength) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits.", "title": "Vulnerability description" }, { "category": "summary", "text": "xml-security-1.3.0-1jpp.ep1.*: XMLDsig HMAC-based signatures spoofing and authentication bypass", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-0217" }, { "category": "external", "summary": "RHBZ#511915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=511915" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-0217", "url": "https://www.cve.org/CVERecord?id=CVE-2009-0217" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-0217", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0217" } ], "release_date": "2009-07-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T20:41:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1200" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "xml-security-1.3.0-1jpp.ep1.*: XMLDsig HMAC-based signatures spoofing and authentication bypass" }, { "cve": "CVE-2009-2475", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "513215" } ], "notes": [ { "category": "description", "text": "Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, might allow context-dependent attackers to obtain sensitive information via vectors involving static variables that are declared without the final keyword, related to (1) LayoutQueue, (2) Cursor.predefined, (3) AccessibleResourceBundle.getContents, (4) ImageReaderSpi.STANDARD_INPUT_TYPE, (5) ImageWriterSpi.STANDARD_OUTPUT_TYPE, (6) the imageio plugins, (7) DnsContext.debug, (8) RmfFileReader/StandardMidiFileWriter.types, (9) AbstractSaslImpl.logger, (10) Synth.Region.uiToRegionMap/lowerCaseNameMap, (11) the Introspector class and a cache of BeanInfo, and (12) JAX-WS, a different vulnerability than CVE-2009-2673.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK information leaks in mutable variables (6588003,6656586,6656610,6656625,6657133,6657619,6657625,6657695,6660049,6660539,6813167)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2475" }, { "category": "external", "summary": "RHBZ#513215", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513215" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2475", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2475" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2475", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2475" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T20:41:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1200" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK information leaks in mutable variables (6588003,6656586,6656610,6656625,6657133,6657619,6657625,6657695,6660049,6660539,6813167)" }, { "cve": "CVE-2009-2476", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "513220" } ], "notes": [ { "category": "description", "text": "The Java Management Extensions (JMX) implementation in Sun Java SE 6 before Update 15, and OpenJDK, does not properly enforce OpenType checks, which allows context-dependent attackers to bypass intended access restrictions by leveraging finalizer resurrection to obtain a reference to a privileged object.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK OpenType checks can be bypassed (6736293)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2476" }, { "category": "external", "summary": "RHBZ#513220", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513220" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2476", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2476" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2476", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2476" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T20:41:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1200" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK OpenType checks can be bypassed (6736293)" }, { "cve": "CVE-2009-2625", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512921" } ], "notes": [ { "category": "description", "text": "XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: XML parsing Denial-Of-Service (6845701)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2625" }, { "category": "external", "summary": "RHBZ#512921", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512921" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2625", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2625" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2625", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2625" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T20:41:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1200" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: XML parsing Denial-Of-Service (6845701)" }, { "cve": "CVE-2009-2670", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512896" } ], "notes": [ { "category": "description", "text": "The audio system in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to java.lang.System properties by (1) untrusted applets and (2) Java Web Start applications, which allows context-dependent attackers to obtain sensitive information by reading these properties.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK Untrusted applet System properties access (6738524)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2670" }, { "category": "external", "summary": "RHBZ#512896", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512896" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2670", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2670" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2670", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2670" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T20:41:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1200" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK Untrusted applet System properties access (6738524)" }, { "cve": "CVE-2009-2671", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512907" } ], "notes": [ { "category": "description", "text": "The SOCKS proxy implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to discover the username of the account that invoked an untrusted (1) applet or (2) Java Web Start application via unspecified vectors.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK Proxy mechanism information leaks (6801071)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2671" }, { "category": "external", "summary": "RHBZ#512907", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512907" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2671", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2671" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2671", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2671" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T20:41:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1200" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK Proxy mechanism information leaks (6801071)" }, { "cve": "CVE-2009-2672", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512907" } ], "notes": [ { "category": "description", "text": "The proxy mechanism implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to browser cookies by untrusted (1) applets and (2) Java Web Start applications, which allows remote attackers to hijack web sessions via unspecified vectors.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK Proxy mechanism information leaks (6801071)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2672" }, { "category": "external", "summary": "RHBZ#512907", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512907" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2672", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2672" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2672", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2672" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T20:41:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1200" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK Proxy mechanism information leaks (6801071)" }, { "cve": "CVE-2009-2673", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512914" } ], "notes": [ { "category": "description", "text": "The proxy mechanism implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to bypass intended access restrictions and connect to arbitrary sites via unspecified vectors, related to a declaration that lacks the final keyword.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK proxy mechanism allows non-authorized socket connections (6801497)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2673" }, { "category": "external", "summary": "RHBZ#512914", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512914" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2673", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2673" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2673", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2673" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T20:41:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1200" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK proxy mechanism allows non-authorized socket connections (6801497)" }, { "cve": "CVE-2009-2674", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512915" } ], "notes": [ { "category": "description", "text": "Integer overflow in javaws.exe in Sun Java Web Start in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 allows context-dependent attackers to execute arbitrary code via a crafted JPEG image that is not properly handled during display to a splash screen, which triggers a heap-based buffer overflow.", "title": "Vulnerability description" }, { "category": "summary", "text": "Java Web Start Buffer JPEG processing integer overflow (6823373)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2674" }, { "category": "external", "summary": "RHBZ#512915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512915" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2674", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2674" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2674", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2674" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T20:41:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1200" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "Java Web Start Buffer JPEG processing integer overflow (6823373)" }, { "cve": "CVE-2009-2675", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512920" } ], "notes": [ { "category": "description", "text": "Integer overflow in the unpack200 utility in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows context-dependent attackers to gain privileges via unspecified length fields in the header of a Pack200-compressed JAR file, which leads to a heap-based buffer overflow during decompression.", "title": "Vulnerability description" }, { "category": "summary", "text": "Java Web Start Buffer unpack200 processing integer overflow (6830335)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2675" }, { "category": "external", "summary": "RHBZ#512920", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512920" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2675", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2675" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2675", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2675" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T20:41:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1200" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "Java Web Start Buffer unpack200 processing integer overflow (6830335)" }, { "cve": "CVE-2009-2676", "discovery_date": "2009-08-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "515890" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in JNLPAppletlauncher in Sun Java SE, and SE for Business, in JDK and JRE 6 Update 14 and earlier and JDK and JRE 5.0 Update 19 and earlier; and Java SE for Business in SDK and JRE 1.4.2_21 and earlier; allows remote attackers to create or modify arbitrary files via vectors involving an untrusted Java applet that accesses an old version of JNLPAppletLauncher.", "title": "Vulnerability description" }, { "category": "summary", "text": "JRE applet launcher vulnerability", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2676" }, { "category": "external", "summary": "RHBZ#515890", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=515890" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2676", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2676" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2676", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2676" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T20:41:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1200" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "JRE applet launcher vulnerability" }, { "cve": "CVE-2009-2690", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "513223" } ], "notes": [ { "category": "description", "text": "The encoder in Sun Java SE 6 before Update 15, and OpenJDK, grants read access to private variables with unspecified names, which allows context-dependent attackers to obtain sensitive information via an untrusted (1) applet or (2) application.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK private variable information disclosure (6777487)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2690" }, { "category": "external", "summary": "RHBZ#513223", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513223" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2690", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2690" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2690", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2690" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T20:41:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1200" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK private variable information disclosure (6777487)" }, { "cve": "CVE-2009-2716", "discovery_date": "2009-08-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "516812" } ], "notes": [ { "category": "description", "text": "The plugin functionality in Sun Java SE 6 before Update 15 does not properly implement version selection, which allows context-dependent attackers to leverage vulnerabilities in \"old zip and certificate handling\" and have unspecified other impact via unknown vectors.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK improper version selection", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2716" }, { "category": "external", "summary": "RHBZ#516812", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=516812" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2716", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2716" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2716", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2716" } ], "release_date": "2009-08-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T20:41:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1200" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK improper version selection" }, { "cve": "CVE-2009-2718", "discovery_date": "2009-08-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "516815" } ], "notes": [ { "category": "description", "text": "The Abstract Window Toolkit (AWT) implementation in Sun Java SE 6 before Update 15 on X11 does not impose the intended constraint on distance from the window border to the Security Warning Icon, which makes it easier for context-dependent attackers to trick a user into interacting unsafely with an untrusted applet.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK reposition of untrusted applet security icon in X11", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2718" }, { "category": "external", "summary": "RHBZ#516815", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=516815" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2718", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2718" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2718", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2718" } ], "release_date": "2009-08-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T20:41:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1200" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK reposition of untrusted applet security icon in X11" }, { "cve": "CVE-2009-2719", "discovery_date": "2009-08-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "516820" } ], "notes": [ { "category": "description", "text": "The Java Web Start implementation in Sun Java SE 6 before Update 15 allows context-dependent attackers to cause a denial of service (NullPointerException) via a crafted .jnlp file, as demonstrated by the jnlp_file/appletDesc/index.html#misc test in the Technology Compatibility Kit (TCK) for the Java Network Launching Protocol (JNLP).", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK DoS with crafted .jnlp file", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2719" }, { "category": "external", "summary": "RHBZ#516820", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=516820" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2719", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2719" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2719", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2719" } ], "release_date": "2009-08-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T20:41:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1200" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "JDK DoS with crafted .jnlp file" }, { "cve": "CVE-2009-2720", "discovery_date": "2009-08-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "516823" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the javax.swing.plaf.synth.SynthContext.isSubregion method in the Swing implementation in Sun Java SE 6 before Update 15 allows context-dependent attackers to cause a denial of service (NullPointerException in the Jemmy library) via unknown vectors.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK DoS with Swing Synthcontext implementation", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2720" }, { "category": "external", "summary": "RHBZ#516823", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=516823" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2720", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2720" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2720", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2720" } ], "release_date": "2009-08-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T20:41:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1200" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 1.9, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "JDK DoS with Swing Synthcontext implementation" } ] }
rhsa-2010_0043
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Low" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated java-1.6.0-ibm packages that fix several security issues are now\navailable for Red Hat Network Satellite Server 5.3.\n\nThis update has been rated as having low security impact by the Red Hat\nSecurity Response Team.", "title": "Topic" }, { "category": "general", "text": "This update corrects several security vulnerabilities in the IBM Java\nRuntime Environment shipped as part of Red Hat Network Satellite Server\n5.3. In a typical operating environment, these are of low security risk as\nthe runtime is not used on untrusted applets.\n\nSeveral flaws were fixed in the IBM Java 2 Runtime Environment.\n(CVE-2009-0217, CVE-2009-1093, CVE-2009-1094, CVE-2009-1095, CVE-2009-1096,\nCVE-2009-1097, CVE-2009-1098, CVE-2009-1099, CVE-2009-1100, CVE-2009-1101,\nCVE-2009-1103, CVE-2009-1104, CVE-2009-1105, CVE-2009-1106, CVE-2009-1107,\nCVE-2009-2625, CVE-2009-2670, CVE-2009-2671, CVE-2009-2672, CVE-2009-2673,\nCVE-2009-2674, CVE-2009-2675, CVE-2009-2676, CVE-2009-3865, CVE-2009-3866,\nCVE-2009-3867, CVE-2009-3868, CVE-2009-3869, CVE-2009-3871, CVE-2009-3872,\nCVE-2009-3873, CVE-2009-3874, CVE-2009-3875, CVE-2009-3876, CVE-2009-3877)\n\nUsers of Red Hat Network Satellite Server 5.3 are advised to upgrade to\nthese updated java-1.6.0-ibm packages, which resolve these issues. For this\nupdate to take effect, Red Hat Network Satellite Server must be restarted\n(\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of\nIBM Java.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2010:0043", "url": "https://access.redhat.com/errata/RHSA-2010:0043" }, { "category": "external", "summary": "http://www.redhat.com/security/updates/classification/#low", "url": "http://www.redhat.com/security/updates/classification/#low" }, { "category": "external", "summary": "490166", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=490166" }, { "category": "external", "summary": "490167", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=490167" }, { "category": "external", "summary": "490168", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=490168" }, { "category": "external", "summary": "490169", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=490169" }, { "category": "external", "summary": "490174", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=490174" }, { "category": "external", "summary": "490178", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=490178" }, { "category": "external", "summary": "492302", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=492302" }, { "category": "external", "summary": "492305", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=492305" }, { "category": "external", "summary": "492306", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=492306" }, { "category": "external", "summary": "492308", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=492308" }, { "category": "external", "summary": "492309", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=492309" }, { "category": "external", "summary": "492310", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=492310" }, { "category": "external", "summary": "492312", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=492312" }, { "category": "external", "summary": "511915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=511915" }, { "category": "external", "summary": "512896", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512896" }, { "category": "external", "summary": "512907", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512907" }, { "category": "external", "summary": "512914", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512914" }, { "category": "external", "summary": "512915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512915" }, { "category": "external", "summary": "512920", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512920" }, { "category": "external", "summary": "512921", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512921" }, { "category": "external", "summary": "515890", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=515890" }, { "category": "external", "summary": "530053", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530053" }, { "category": "external", "summary": "530057", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530057" }, { "category": "external", "summary": "530061", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530061" }, { "category": "external", "summary": "530062", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530062" }, { "category": "external", "summary": "530063", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530063" }, { "category": "external", "summary": "530067", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530067" }, { "category": "external", "summary": "532906", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=532906" }, { "category": "external", "summary": "533211", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=533211" }, { "category": "external", "summary": "533212", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=533212" }, { "category": "external", "summary": "533214", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=533214" }, { "category": "external", "summary": "533215", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=533215" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2010/rhsa-2010_0043.json" } ], "title": "Red Hat Security Advisory: Red Hat Network Satellite Server IBM Java Runtime security update", "tracking": { "current_release_date": "2024-11-05T17:13:07+00:00", "generator": { "date": "2024-11-05T17:13:07+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2010:0043", "initial_release_date": "2010-01-14T16:32:00+00:00", "revision_history": [ { "date": "2010-01-14T16:32:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2010-01-14T11:32:02+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-05T17:13:07+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Satellite 5.3 (RHEL v.4)", "product": { "name": "Red Hat Satellite 5.3 (RHEL v.4)", "product_id": "4AS-RHNSAT5.3", "product_identification_helper": { "cpe": "cpe:/a:redhat:network_satellite:5.3::el4" } } }, { "category": "product_name", "name": "Red Hat Satellite 5.3 (RHEL v.5)", "product": { "name": "Red Hat Satellite 5.3 (RHEL v.5)", "product_id": "5Server-Satellite53", "product_identification_helper": { "cpe": "cpe:/a:redhat:network_satellite:5.3::el5" } } } ], "category": "product_family", "name": "Red Hat Satellite" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.7-1jpp.3.el4?arch=s390\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "product": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "product_id": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.7-1jpp.3.el4?arch=s390\u0026epoch=1" } } } ], "category": "architecture", "name": "s390" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.7-1jpp.3.el4?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "product": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "product_id": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.7-1jpp.3.el4?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "product": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "product_id": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.7-1jpp.2.el5?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.7-1jpp.2.el5?arch=s390x\u0026epoch=1" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.7-1jpp.3.el4?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "product": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "product_id": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.7-1jpp.3.el4?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "product": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "product_id": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.7-1jpp.2.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.7-1jpp.2.el5?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.7-1jpp.3.el4?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "product": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "product_id": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.7-1jpp.3.el4?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "product": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "product_id": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.7-1jpp.2.el5?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.7-1jpp.2.el5?arch=i386\u0026epoch=1" } } } ], "category": "architecture", "name": "i386" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "product": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "product_id": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.7-1jpp.3.el4?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "product": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "product_id": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.7-1jpp.2.el5?arch=src\u0026epoch=1" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386 as a component of Red Hat Satellite 5.3 (RHEL v.4)", "product_id": "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "relates_to_product_reference": "4AS-RHNSAT5.3" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390 as a component of Red Hat Satellite 5.3 (RHEL v.4)", "product_id": "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "relates_to_product_reference": "4AS-RHNSAT5.3" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x as a component of Red Hat Satellite 5.3 (RHEL v.4)", "product_id": "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "relates_to_product_reference": "4AS-RHNSAT5.3" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src as a component of Red Hat Satellite 5.3 (RHEL v.4)", "product_id": "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "relates_to_product_reference": "4AS-RHNSAT5.3" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64 as a component of Red Hat Satellite 5.3 (RHEL v.4)", "product_id": "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "relates_to_product_reference": "4AS-RHNSAT5.3" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386 as a component of Red Hat Satellite 5.3 (RHEL v.4)", "product_id": "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "relates_to_product_reference": "4AS-RHNSAT5.3" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390 as a component of Red Hat Satellite 5.3 (RHEL v.4)", "product_id": "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "relates_to_product_reference": "4AS-RHNSAT5.3" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x as a component of Red Hat Satellite 5.3 (RHEL v.4)", "product_id": "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "relates_to_product_reference": "4AS-RHNSAT5.3" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64 as a component of Red Hat Satellite 5.3 (RHEL v.4)", "product_id": "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "relates_to_product_reference": "4AS-RHNSAT5.3" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386 as a component of Red Hat Satellite 5.3 (RHEL v.5)", "product_id": "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "relates_to_product_reference": "5Server-Satellite53" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x as a component of Red Hat Satellite 5.3 (RHEL v.5)", "product_id": "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "relates_to_product_reference": "5Server-Satellite53" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src as a component of Red Hat Satellite 5.3 (RHEL v.5)", "product_id": "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "relates_to_product_reference": "5Server-Satellite53" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64 as a component of Red Hat Satellite 5.3 (RHEL v.5)", "product_id": "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "relates_to_product_reference": "5Server-Satellite53" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386 as a component of Red Hat Satellite 5.3 (RHEL v.5)", "product_id": "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "relates_to_product_reference": "5Server-Satellite53" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x as a component of Red Hat Satellite 5.3 (RHEL v.5)", "product_id": "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "relates_to_product_reference": "5Server-Satellite53" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64 as a component of Red Hat Satellite 5.3 (RHEL v.5)", "product_id": "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "relates_to_product_reference": "5Server-Satellite53" } ] }, "vulnerabilities": [ { "cve": "CVE-2009-0217", "discovery_date": "2009-07-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "511915" } ], "notes": [ { "category": "description", "text": "The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, and 8.1 SP6; (3) Mono before 2.4.2.2; (4) XML Security Library before 1.2.12; (5) IBM WebSphere Application Server Versions 6.0 through 6.0.2.33, 6.1 through 6.1.0.23, and 7.0 through 7.0.0.1; (6) Sun JDK and JRE Update 14 and earlier; (7) Microsoft .NET Framework 3.0 through 3.0 SP2, 3.5, and 4.0; and other products uses a parameter that defines an HMAC truncation length (HMACOutputLength) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits.", "title": "Vulnerability description" }, { "category": "summary", "text": "xml-security-1.3.0-1jpp.ep1.*: XMLDsig HMAC-based signatures spoofing and authentication bypass", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-0217" }, { "category": "external", "summary": "RHBZ#511915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=511915" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-0217", "url": "https://www.cve.org/CVERecord?id=CVE-2009-0217" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-0217", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0217" } ], "release_date": "2009-07-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "xml-security-1.3.0-1jpp.ep1.*: XMLDsig HMAC-based signatures spoofing and authentication bypass" }, { "cve": "CVE-2009-1093", "discovery_date": "2009-03-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "490167" } ], "notes": [ { "category": "description", "text": "LdapCtx in the LDAP service in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; SDK and JRE 1.3.1_24 and earlier; and 1.4.2_19 and earlier does not close the connection when initialization fails, which allows remote attackers to cause a denial of service (LDAP service hang).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK remote LDAP Denial-Of-Service (6717680)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-1093" }, { "category": "external", "summary": "RHBZ#490167", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=490167" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-1093", "url": "https://www.cve.org/CVERecord?id=CVE-2009-1093" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1093", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1093" } ], "release_date": "2009-03-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK remote LDAP Denial-Of-Service (6717680)" }, { "cve": "CVE-2009-1094", "discovery_date": "2009-03-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "490168" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the LDAP implementation in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; SDK and JRE 1.3.1_24 and earlier; and 1.4.2_19 and earlier allows remote LDAP servers to execute arbitrary code via unknown vectors related to serialized data.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK LDAP client remote code execution (6737315)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-1094" }, { "category": "external", "summary": "RHBZ#490168", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=490168" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-1094", "url": "https://www.cve.org/CVERecord?id=CVE-2009-1094" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1094", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1094" } ], "release_date": "2009-03-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK LDAP client remote code execution (6737315)" }, { "cve": "CVE-2009-1095", "discovery_date": "2009-03-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "490169" } ], "notes": [ { "category": "description", "text": "Integer overflow in unpack200 in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via a JAR file with crafted Pack200 headers.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK Pack200 Buffer overflow vulnerability (6792554)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-1095" }, { "category": "external", "summary": "RHBZ#490169", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=490169" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-1095", "url": "https://www.cve.org/CVERecord?id=CVE-2009-1095" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1095", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1095" } ], "release_date": "2009-03-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK Pack200 Buffer overflow vulnerability (6792554)" }, { "cve": "CVE-2009-1096", "discovery_date": "2009-03-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "490169" } ], "notes": [ { "category": "description", "text": "Buffer overflow in unpack200 in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via a JAR file with crafted Pack200 headers.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK Pack200 Buffer overflow vulnerability (6792554)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-1096" }, { "category": "external", "summary": "RHBZ#490169", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=490169" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-1096", "url": "https://www.cve.org/CVERecord?id=CVE-2009-1096" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1096", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1096" } ], "release_date": "2009-03-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK Pack200 Buffer overflow vulnerability (6792554)" }, { "cve": "CVE-2009-1097", "discovery_date": "2009-03-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "490174" } ], "notes": [ { "category": "description", "text": "Multiple buffer overflows in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier allow remote attackers to access files or execute arbitrary code via (1) a crafted PNG image that triggers an integer overflow during memory allocation for display on the splash screen, aka CR 6804996; and (2) a crafted GIF image from which unspecified values are used in calculation of offsets, leading to object-pointer corruption, aka CR 6804997.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: PNG and GIF processing buffer overflow vulnerabilities (6804996, 6804997)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-1097" }, { "category": "external", "summary": "RHBZ#490174", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=490174" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-1097", "url": "https://www.cve.org/CVERecord?id=CVE-2009-1097" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1097", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1097" } ], "release_date": "2009-03-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: PNG and GIF processing buffer overflow vulnerabilities (6804996, 6804997)" }, { "cve": "CVE-2009-1098", "discovery_date": "2009-03-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "490178" } ], "notes": [ { "category": "description", "text": "Buffer overflow in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; 1.4.2_19 and earlier; and 1.3.1_24 and earlier allows remote attackers to access files or execute arbitrary code via a crafted GIF image, aka CR 6804998.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK GIF processing buffer overflow vulnerability (6804998)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-1098" }, { "category": "external", "summary": "RHBZ#490178", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=490178" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-1098", "url": "https://www.cve.org/CVERecord?id=CVE-2009-1098" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1098", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1098" } ], "release_date": "2009-03-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK GIF processing buffer overflow vulnerability (6804998)" }, { "cve": "CVE-2009-1099", "discovery_date": "2009-03-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "492302" } ], "notes": [ { "category": "description", "text": "Integer signedness error in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via crafted glyph descriptions in a Type1 font, which bypasses a signed comparison and triggers a buffer overflow.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: Type1 font processing buffer overflow vulnerability", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-1099" }, { "category": "external", "summary": "RHBZ#492302", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=492302" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-1099", "url": "https://www.cve.org/CVERecord?id=CVE-2009-1099" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1099", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1099" } ], "release_date": "2009-03-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: Type1 font processing buffer overflow vulnerability" }, { "cve": "CVE-2009-1100", "discovery_date": "2009-03-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "492305" } ], "notes": [ { "category": "description", "text": "Multiple unspecified vulnerabilities in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allow remote attackers to cause a denial of service (disk consumption) via vectors related to temporary font files and (1) \"limits on Font creation,\" aka CR 6522586, and (2) another unspecified vector, aka CR 6632886.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: DoS (disk consumption) via handling of temporary font files", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-1100" }, { "category": "external", "summary": "RHBZ#492305", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=492305" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-1100", "url": "https://www.cve.org/CVERecord?id=CVE-2009-1100" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1100", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1100" } ], "release_date": "2009-03-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK: DoS (disk consumption) via handling of temporary font files" }, { "cve": "CVE-2009-1101", "discovery_date": "2009-03-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "490166" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the lightweight HTTP server implementation in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier allows remote attackers to cause a denial of service (probably resource consumption) for a JAX-WS service endpoint via a connection without any data, which triggers a file descriptor \"leak.\"", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK JAX-WS service endpoint remote Denial-of-Service (6630639)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-1101" }, { "category": "external", "summary": "RHBZ#490166", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=490166" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-1101", "url": "https://www.cve.org/CVERecord?id=CVE-2009-1101" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1101", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1101" } ], "release_date": "2009-03-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK JAX-WS service endpoint remote Denial-of-Service (6630639)" }, { "cve": "CVE-2009-1103", "discovery_date": "2009-03-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "492306" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; 1.4.2_19 and earlier; and 1.3.1_24 and earlier allows remote attackers to access files and execute arbitrary code via unknown vectors related to \"deserializing applets,\" aka CR 6646860.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: Files disclosure, arbitrary code execution via \"deserializing applets\" (6646860)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-1103" }, { "category": "external", "summary": "RHBZ#492306", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=492306" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-1103", "url": "https://www.cve.org/CVERecord?id=CVE-2009-1103" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1103", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1103" } ], "release_date": "2009-03-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: Files disclosure, arbitrary code execution via \"deserializing applets\" (6646860)" }, { "cve": "CVE-2009-1104", "discovery_date": "2009-03-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "492308" } ], "notes": [ { "category": "description", "text": "The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; and 1.4.2_19 and earlier does not prevent Javascript that is loaded from the localhost from connecting to other ports on the system, which allows user-assisted attackers to bypass intended access restrictions via LiveConnect, aka CR 6724331. NOTE: this vulnerability can be leveraged with separate cross-site scripting (XSS) vulnerabilities for remote attack vectors.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: Intended access restrictions bypass via LiveConnect (6724331)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-1104" }, { "category": "external", "summary": "RHBZ#492308", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=492308" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-1104", "url": "https://www.cve.org/CVERecord?id=CVE-2009-1104" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1104", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1104" } ], "release_date": "2009-03-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: Intended access restrictions bypass via LiveConnect (6724331)" }, { "cve": "CVE-2009-1105", "discovery_date": "2009-03-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "492309" } ], "notes": [ { "category": "description", "text": "The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12, 11, and 10 allows user-assisted remote attackers to cause a trusted applet to run in an older JRE version, which can be used to exploit vulnerabilities in that older version, aka CR 6706490.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: Possibility of trusted applet run in older, vulnerable version of JRE (6706490)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-1105" }, { "category": "external", "summary": "RHBZ#492309", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=492309" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-1105", "url": "https://www.cve.org/CVERecord?id=CVE-2009-1105" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1105", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1105" } ], "release_date": "2009-03-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: Possibility of trusted applet run in older, vulnerable version of JRE (6706490)" }, { "cve": "CVE-2009-1106", "discovery_date": "2009-03-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "492310" } ], "notes": [ { "category": "description", "text": "The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12, 11, and 10 does not properly parse crossdomain.xml files, which allows remote attackers to bypass intended access restrictions and connect to arbitrary sites via unknown vectors, aka CR 6798948.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: Improper parsing of crossdomain.xml files (intended access restriction bypass) (6798948)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-1106" }, { "category": "external", "summary": "RHBZ#492310", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=492310" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-1106", "url": "https://www.cve.org/CVERecord?id=CVE-2009-1106" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1106", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1106" } ], "release_date": "2009-03-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: Improper parsing of crossdomain.xml files (intended access restriction bypass) (6798948)" }, { "cve": "CVE-2009-1107", "discovery_date": "2009-03-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "492312" } ], "notes": [ { "category": "description", "text": "The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier, and 5.0 Update 17 and earlier, allows remote attackers to trick a user into trusting a signed applet via unknown vectors that misrepresent the security warning dialog, related to a \"Swing JLabel HTML parsing vulnerability,\" aka CR 6782871.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: Signed applet remote misuse possibility (6782871)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-1107" }, { "category": "external", "summary": "RHBZ#492312", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=492312" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-1107", "url": "https://www.cve.org/CVERecord?id=CVE-2009-1107" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1107", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1107" } ], "release_date": "2009-03-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: Signed applet remote misuse possibility (6782871)" }, { "cve": "CVE-2009-2625", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512921" } ], "notes": [ { "category": "description", "text": "XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: XML parsing Denial-Of-Service (6845701)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2625" }, { "category": "external", "summary": "RHBZ#512921", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512921" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2625", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2625" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2625", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2625" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: XML parsing Denial-Of-Service (6845701)" }, { "cve": "CVE-2009-2670", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512896" } ], "notes": [ { "category": "description", "text": "The audio system in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to java.lang.System properties by (1) untrusted applets and (2) Java Web Start applications, which allows context-dependent attackers to obtain sensitive information by reading these properties.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK Untrusted applet System properties access (6738524)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2670" }, { "category": "external", "summary": "RHBZ#512896", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512896" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2670", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2670" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2670", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2670" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK Untrusted applet System properties access (6738524)" }, { "cve": "CVE-2009-2671", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512907" } ], "notes": [ { "category": "description", "text": "The SOCKS proxy implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to discover the username of the account that invoked an untrusted (1) applet or (2) Java Web Start application via unspecified vectors.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK Proxy mechanism information leaks (6801071)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2671" }, { "category": "external", "summary": "RHBZ#512907", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512907" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2671", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2671" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2671", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2671" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK Proxy mechanism information leaks (6801071)" }, { "cve": "CVE-2009-2672", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512907" } ], "notes": [ { "category": "description", "text": "The proxy mechanism implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to browser cookies by untrusted (1) applets and (2) Java Web Start applications, which allows remote attackers to hijack web sessions via unspecified vectors.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK Proxy mechanism information leaks (6801071)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2672" }, { "category": "external", "summary": "RHBZ#512907", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512907" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2672", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2672" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2672", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2672" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK Proxy mechanism information leaks (6801071)" }, { "cve": "CVE-2009-2673", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512914" } ], "notes": [ { "category": "description", "text": "The proxy mechanism implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to bypass intended access restrictions and connect to arbitrary sites via unspecified vectors, related to a declaration that lacks the final keyword.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK proxy mechanism allows non-authorized socket connections (6801497)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2673" }, { "category": "external", "summary": "RHBZ#512914", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512914" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2673", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2673" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2673", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2673" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK proxy mechanism allows non-authorized socket connections (6801497)" }, { "cve": "CVE-2009-2674", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512915" } ], "notes": [ { "category": "description", "text": "Integer overflow in javaws.exe in Sun Java Web Start in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 allows context-dependent attackers to execute arbitrary code via a crafted JPEG image that is not properly handled during display to a splash screen, which triggers a heap-based buffer overflow.", "title": "Vulnerability description" }, { "category": "summary", "text": "Java Web Start Buffer JPEG processing integer overflow (6823373)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2674" }, { "category": "external", "summary": "RHBZ#512915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512915" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2674", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2674" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2674", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2674" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "Java Web Start Buffer JPEG processing integer overflow (6823373)" }, { "cve": "CVE-2009-2675", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512920" } ], "notes": [ { "category": "description", "text": "Integer overflow in the unpack200 utility in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows context-dependent attackers to gain privileges via unspecified length fields in the header of a Pack200-compressed JAR file, which leads to a heap-based buffer overflow during decompression.", "title": "Vulnerability description" }, { "category": "summary", "text": "Java Web Start Buffer unpack200 processing integer overflow (6830335)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2675" }, { "category": "external", "summary": "RHBZ#512920", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512920" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2675", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2675" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2675", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2675" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "Java Web Start Buffer unpack200 processing integer overflow (6830335)" }, { "cve": "CVE-2009-2676", "discovery_date": "2009-08-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "515890" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in JNLPAppletlauncher in Sun Java SE, and SE for Business, in JDK and JRE 6 Update 14 and earlier and JDK and JRE 5.0 Update 19 and earlier; and Java SE for Business in SDK and JRE 1.4.2_21 and earlier; allows remote attackers to create or modify arbitrary files via vectors involving an untrusted Java applet that accesses an old version of JNLPAppletLauncher.", "title": "Vulnerability description" }, { "category": "summary", "text": "JRE applet launcher vulnerability", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2676" }, { "category": "external", "summary": "RHBZ#515890", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=515890" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2676", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2676" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2676", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2676" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "JRE applet launcher vulnerability" }, { "cve": "CVE-2009-3865", "discovery_date": "2009-11-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "533211" } ], "notes": [ { "category": "description", "text": "The launch method in the Deployment Toolkit plugin in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 6 before Update 17 allows remote attackers to execute arbitrary commands via a crafted web page, aka Bug Id 6869752.", "title": "Vulnerability description" }, { "category": "summary", "text": "java-1.6.0-sun: ACE in JRE Deployment Toolkit (6869752)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-3865" }, { "category": "external", "summary": "RHBZ#533211", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=533211" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3865", "url": "https://www.cve.org/CVERecord?id=CVE-2009-3865" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3865", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3865" } ], "release_date": "2009-11-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "java-1.6.0-sun: ACE in JRE Deployment Toolkit (6869752)" }, { "cve": "CVE-2009-3866", "discovery_date": "2009-11-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "533212" } ], "notes": [ { "category": "description", "text": "The Java Web Start Installer in Sun Java SE in JDK and JRE 6 before Update 17 does not properly use security model permissions when removing installer extensions, which allows remote attackers to execute arbitrary code by modifying a certain JNLP file to have a URL field that points to an unintended trusted application, aka Bug Id 6872824.", "title": "Vulnerability description" }, { "category": "summary", "text": "java-1.6.0-sun: Privilege escalation in the Java Web Start Installer (6872824)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-3866" }, { "category": "external", "summary": "RHBZ#533212", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=533212" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3866", "url": "https://www.cve.org/CVERecord?id=CVE-2009-3866" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3866", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3866" } ], "release_date": "2009-11-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "java-1.6.0-sun: Privilege escalation in the Java Web Start Installer (6872824)" }, { "cve": "CVE-2009-3867", "cwe": { "id": "CWE-121", "name": "Stack-based Buffer Overflow" }, "discovery_date": "2009-11-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "533214" } ], "notes": [ { "category": "description", "text": "Stack-based buffer overflow in the HsbParser.getSoundBank function in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a long file: URL in an argument, aka Bug Id 6854303.", "title": "Vulnerability description" }, { "category": "summary", "text": "java-1.6.0-sun: Stack-based buffer overflow via a long file: URL argument (6854303)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-3867" }, { "category": "external", "summary": "RHBZ#533214", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=533214" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3867", "url": "https://www.cve.org/CVERecord?id=CVE-2009-3867" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3867", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3867" } ], "release_date": "2009-11-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "java-1.6.0-sun: Stack-based buffer overflow via a long file: URL argument (6854303)" }, { "cve": "CVE-2009-3868", "discovery_date": "2009-11-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "533215" } ], "notes": [ { "category": "description", "text": "Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 does not properly parse color profiles, which allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862970.", "title": "Vulnerability description" }, { "category": "summary", "text": "java-1.6.0-sun: Privilege escalation via crafted image file due improper color profiles parsing (6862970)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-3868" }, { "category": "external", "summary": "RHBZ#533215", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=533215" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3868", "url": "https://www.cve.org/CVERecord?id=CVE-2009-3868" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3868", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3868" } ], "release_date": "2009-11-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "java-1.6.0-sun: Privilege escalation via crafted image file due improper color profiles parsing (6862970)" }, { "cve": "CVE-2009-3869", "discovery_date": "2009-10-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "530062" } ], "notes": [ { "category": "description", "text": "Stack-based buffer overflow in the setDiffICM function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a crafted argument, aka Bug Id 6872357.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK JRE AWT setDifflCM stack overflow (6872357)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-3869" }, { "category": "external", "summary": "RHBZ#530062", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530062" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3869", "url": "https://www.cve.org/CVERecord?id=CVE-2009-3869" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3869", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3869" } ], "release_date": "2009-11-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK JRE AWT setDifflCM stack overflow (6872357)" }, { "cve": "CVE-2009-3871", "discovery_date": "2009-10-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "530063" } ], "notes": [ { "category": "description", "text": "Heap-based buffer overflow in the setBytePixels function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via crafted arguments, aka Bug Id 6872358.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK JRE AWT setBytePixels heap overflow (6872358)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-3871" }, { "category": "external", "summary": "RHBZ#530063", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530063" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3871", "url": "https://www.cve.org/CVERecord?id=CVE-2009-3871" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3871", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3871" } ], "release_date": "2009-11-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK JRE AWT setBytePixels heap overflow (6872358)" }, { "cve": "CVE-2009-3872", "discovery_date": "2009-11-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "532906" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the JPEG JFIF Decoder in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862969.", "title": "Vulnerability description" }, { "category": "summary", "text": "JRE JPEG JFIF Decoder issue (6862969)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-3872" }, { "category": "external", "summary": "RHBZ#532906", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=532906" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3872", "url": "https://www.cve.org/CVERecord?id=CVE-2009-3872" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3872", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3872" } ], "release_date": "2009-11-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JRE JPEG JFIF Decoder issue (6862969)" }, { "cve": "CVE-2009-3873", "discovery_date": "2009-10-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "530053" } ], "notes": [ { "category": "description", "text": "The JPEG Image Writer in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to gain privileges via a crafted image file, related to a \"quantization problem,\" aka Bug Id 6862968.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK JPEG Image Writer quantization problem (6862968)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-3873" }, { "category": "external", "summary": "RHBZ#530053", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530053" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3873", "url": "https://www.cve.org/CVERecord?id=CVE-2009-3873" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3873", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3873" } ], "release_date": "2009-11-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK JPEG Image Writer quantization problem (6862968)" }, { "cve": "CVE-2009-3874", "discovery_date": "2009-10-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "530067" } ], "notes": [ { "category": "description", "text": "Integer overflow in the JPEGImageReader implementation in the ImageI/O component in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via large subsample dimensions in a JPEG file that triggers a heap-based buffer overflow, aka Bug Id 6874643.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK ImageI/O JPEG heap overflow (6874643)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-3874" }, { "category": "external", "summary": "RHBZ#530067", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530067" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3874", "url": "https://www.cve.org/CVERecord?id=CVE-2009-3874" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3874", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3874" } ], "release_date": "2009-11-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK ImageI/O JPEG heap overflow (6874643)" }, { "cve": "CVE-2009-3875", "discovery_date": "2009-10-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "530057" } ], "notes": [ { "category": "description", "text": "The MessageDigest.isEqual function in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to spoof HMAC-based digital signatures, and possibly bypass authentication, via unspecified vectors related to \"timing attack vulnerabilities,\" aka Bug Id 6863503.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK MessageDigest.isEqual introduces timing attack vulnerabilities (6863503)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-3875" }, { "category": "external", "summary": "RHBZ#530057", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530057" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3875", "url": "https://www.cve.org/CVERecord?id=CVE-2009-3875" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3875", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3875" } ], "release_date": "2009-11-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK MessageDigest.isEqual introduces timing attack vulnerabilities (6863503)" }, { "cve": "CVE-2009-3876", "discovery_date": "2009-10-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "530061" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted DER encoded data, which is not properly decoded by the ASN.1 DER input stream parser, aka Bug Id 6864911.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK ASN.1/DER input stream parser denial of service (6864911) CVE-2009-3877", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-3876" }, { "category": "external", "summary": "RHBZ#530061", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530061" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3876", "url": "https://www.cve.org/CVERecord?id=CVE-2009-3876" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3876", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3876" } ], "release_date": "2009-11-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK ASN.1/DER input stream parser denial of service (6864911) CVE-2009-3877" }, { "cve": "CVE-2009-3877", "discovery_date": "2009-10-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "530061" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted HTTP headers, which are not properly parsed by the ASN.1 DER input stream parser, aka Bug Id 6864911.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK ASN.1/DER input stream parser denial of service (6864911) CVE-2009-3877", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-3877" }, { "category": "external", "summary": "RHBZ#530061", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530061" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3877", "url": "https://www.cve.org/CVERecord?id=CVE-2009-3877" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3877", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3877" } ], "release_date": "2009-11-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK ASN.1/DER input stream parser denial of service (6864911) CVE-2009-3877" } ] }
rhsa-2009_1636
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated JBoss Enterprise Application Platform (JBEAP) 4.3 packages that fix\nmultiple security issues, several bugs, and add enhancements are now\navailable for Red Hat Enterprise Linux 4 as JBEAP 4.3.0.CP07.\n\nThis update has been rated as having moderate security impact by the Red\nHat Security Response Team.", "title": "Topic" }, { "category": "general", "text": "JBoss Enterprise Application Platform is the market leading platform for\ninnovative and scalable Java applications; integrating the JBoss\nApplication Server, with JBoss Hibernate and JBoss Seam into a complete,\nsimple enterprise solution.\n\nThis release of JBEAP for Red Hat Enterprise Linux 4 serves as a\nreplacement to JBEAP 4.3.0.CP06.\n\nThese updated packages include bug fixes and enhancements which are\ndetailed in the Release Notes, available shortly from:\nhttp://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/\n\nThe following security issues are also fixed with this release:\n\nA missing check for the recommended minimum length of the truncated form of\nHMAC-based XML signatures was found in xml-security. An attacker could use\nthis flaw to create a specially-crafted XML file that forges an XML\nsignature, allowing the attacker to bypass authentication that is based on\nthe XML Signature specification. (CVE-2009-0217)\n\nSwatej Kumar discovered cross-site scripting (XSS) flaws in the JBoss\nApplication Server Web Console. An attacker could use these flaws to\npresent misleading data to an authenticated user, or execute arbitrary\nscripting code in the context of the authenticated user\u0027s browser session.\n(CVE-2009-2405)\n\nA flaw was found in the way the Apache Xerces2 Java Parser processed the\nSYSTEM identifier in DTDs. A remote attacker could provide a\nspecially-crafted XML file, which once parsed by an application using the\nApache Xerces2 Java Parser, would lead to a denial of service (application\nhang due to excessive CPU use). (CVE-2009-2625)\n\nAn information leak flaw was found in the twiddle command line client. The\nJMX password was logged in plain text to \"twiddle.log\". (CVE-2009-3554)\n\nAn XSS flaw was found in the JMX Console. An attacker could use this flaw\nto present misleading data to an authenticated user, or execute arbitrary\nscripting code in the context of the authenticated user\u0027s browser session.\n(CVE-2009-1380)\n\nWarning: Before applying this update, please backup the JBEAP\n\"server/[configuration]/deploy/\" directory, and any other customized\nconfiguration files.\n\nAll users of JBEAP 4.3 on Red Hat Enterprise Linux 4 are advised to upgrade\nto these updated packages.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2009:1636", "url": "https://access.redhat.com/errata/RHSA-2009:1636" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "http://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/", "url": "http://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/" }, { "category": "external", "summary": "510023", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=510023" }, { "category": "external", "summary": "511224", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=511224" }, { "category": "external", "summary": "511915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=511915" }, { "category": "external", "summary": "512921", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512921" }, { "category": "external", "summary": "532117", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=532117" }, { "category": "external", "summary": "539495", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=539495" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_1636.json" } ], "title": "Red Hat Security Advisory: JBoss Enterprise Application Platform 4.3.0.CP07 update", "tracking": { "current_release_date": "2024-11-05T17:11:13+00:00", "generator": { "date": "2024-11-05T17:11:13+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2009:1636", "initial_release_date": "2009-12-09T23:14:00+00:00", "revision_history": [ { "date": "2009-12-09T23:14:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2009-12-09T18:14:02+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-05T17:11:13+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product": { "name": "Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:4.3.0::el4" } } }, { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product": { "name": "Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:4.3.0::el4" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" }, { "branches": [ { "category": "product_version", "name": "jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "product": { "name": "jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "product_id": "jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-remoting@2.2.3-3.SP1.ep1.el4?arch=src" } } }, { "category": "product_version", "name": "glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.src", "product": { "name": "glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.src", "product_id": "glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/glassfish-jaxb@2.1.4-1.12.patch03.ep1.el4?arch=src" } } }, { "category": "product_version", "name": "jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.src", "product": { "name": "jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.src", "product_id": "jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossws-common@1.0.0-2.GA_CP05.1.ep1.el4?arch=src" } } }, { "category": "product_version", "name": "jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.src", "product": { "name": "jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.src", "product_id": "jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossws-framework@2.0.1-1.GA_CP05.1.ep1.el4?arch=src" } } }, { "category": "product_version", "name": "quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "product": { "name": "quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "product_id": "quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/quartz@1.5.2-1jpp.patch01.ep1.4.el4?arch=src" } } }, { "category": "product_version", "name": "xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src", "product": { "name": "xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src", "product_id": "xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/xml-security@1.3.0-1.3.patch01.ep1.2.el4?arch=src" } } }, { "category": "product_version", "name": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "product": { "name": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "product_id": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-aop@1.5.5-3.CP04.2.ep1.el4?arch=src" } } }, { "category": "product_version", "name": "xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "product": { "name": "xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "product_id": "xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/xerces-j2@2.7.1-9jpp.4.patch_02.1.ep1.el4?arch=src" } } }, { "category": "product_version", "name": "jgroups-1:2.4.7-1.ep1.el4.src", "product": { "name": "jgroups-1:2.4.7-1.ep1.el4.src", "product_id": "jgroups-1:2.4.7-1.ep1.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jgroups@2.4.7-1.ep1.el4?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "product": { "name": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "product_id": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/hibernate3@3.2.4-1.SP1_CP09.0jpp.ep1.1.el4?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "product": { "name": "hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "product_id": "hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/hibernate3-annotations@3.3.1-1.11.GA_CP02.ep1.el4?arch=src" } } }, { "category": "product_version", "name": "hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "product": { "name": "hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "product_id": "hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/hibernate3-entitymanager@3.3.2-2.5.GA_CP01.ep1.el4?arch=src" } } }, { "category": "product_version", "name": "jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.src", "product": { "name": "jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.src", "product_id": "jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-messaging@1.4.0-3.SP3_CP09.4.ep1.el4?arch=src" } } }, { "category": "product_version", "name": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "product": { "name": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "product_id": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossweb@2.0.0-6.CP12.0jpp.ep1.2.el4?arch=src" } } }, { "category": "product_version", "name": "glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "product": { "name": "glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "product_id": "glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/glassfish-jsf@1.2_13-2.1.ep1.el4?arch=src" } } }, { "category": "product_version", "name": "jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "product": { "name": "jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "product_id": "jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-common@1.2.1-0jpp.ep1.3.el4?arch=src" } } }, { "category": "product_version", "name": "jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "product": { "name": "jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "product_id": "jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jakarta-commons-logging-jboss@1.1-9.ep1.el4?arch=src" } } }, { "category": "product_version", "name": "jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.src", "product": { "name": "jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.src", "product_id": "jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossws@2.0.1-4.SP2_CP07.2.ep1.el4?arch=src" } } }, { "category": "product_version", "name": "jcommon-0:1.0.16-1.1.ep1.el4.src", "product": { "name": "jcommon-0:1.0.16-1.1.ep1.el4.src", "product_id": "jcommon-0:1.0.16-1.1.ep1.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jcommon@1.0.16-1.1.ep1.el4?arch=src" } } }, { "category": "product_version", "name": "jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "product": { "name": "jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "product_id": "jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jfreechart@1.0.13-2.3.1.ep1.el4?arch=src" } } }, { "category": "product_version", "name": "jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "product": { "name": "jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "product_id": "jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jacorb@2.3.0-1jpp.ep1.9.el4?arch=src" } } }, { "category": "product_version", "name": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "product": { "name": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "product_id": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossts@4.2.3-1.SP5_CP08.1jpp.ep1.1.el4?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.src", "product": { "name": "jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.src", "product_id": "jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas@4.3.0-6.GA_CP07.4.ep1.el4?arch=src" } } }, { "category": "product_version", "name": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.src", "product": { "name": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.src", "product_id": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-seam@1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4?arch=src" } } }, { "category": "product_version", "name": "jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.src", "product": { "name": "jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.src", "product_id": "jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-seam2@2.0.2.FP-1.ep1.21.el4?arch=src" } } }, { "category": "product_version", "name": "rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.src", "product": { "name": "rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.src", "product_id": "rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-eap-docs@4.3.0-6.GA_CP07.ep1.3.el4?arch=src" } } }, { "category": "product_version", "name": "glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "product": { "name": "glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "product_id": "glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/glassfish-javamail@1.4.2-0jpp.ep1.5.el4?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "product": { "name": "jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "product_id": "jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-remoting@2.2.3-3.SP1.ep1.el4?arch=noarch" } } }, { "category": "product_version", "name": "glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.noarch", "product": { "name": "glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.noarch", "product_id": "glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/glassfish-jaxb@2.1.4-1.12.patch03.ep1.el4?arch=noarch" } } }, { "category": "product_version", "name": "glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.ep1.el4.noarch", "product": { "name": "glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.ep1.el4.noarch", "product_id": "glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.ep1.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/glassfish-jaxb-javadoc@2.1.4-1.12.patch03.ep1.el4?arch=noarch" } } }, { "category": "product_version", "name": "jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.noarch", "product": { "name": "jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.noarch", "product_id": "jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossws-common@1.0.0-2.GA_CP05.1.ep1.el4?arch=noarch" } } }, { "category": "product_version", "name": "jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.noarch", "product": { "name": "jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.noarch", "product_id": "jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossws-framework@2.0.1-1.GA_CP05.1.ep1.el4?arch=noarch" } } }, { "category": "product_version", "name": "quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "product": { "name": "quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "product_id": "quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/quartz@1.5.2-1jpp.patch01.ep1.4.el4?arch=noarch" } } }, { "category": "product_version", "name": "xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "product": { "name": "xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "product_id": "xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/xml-security@1.3.0-1.3.patch01.ep1.2.el4?arch=noarch" } } }, { "category": "product_version", "name": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "product": { "name": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "product_id": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-aop@1.5.5-3.CP04.2.ep1.el4?arch=noarch" } } }, { "category": "product_version", "name": "xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "product": { "name": "xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "product_id": "xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/xerces-j2@2.7.1-9jpp.4.patch_02.1.ep1.el4?arch=noarch" } } }, { "category": "product_version", "name": "jgroups-1:2.4.7-1.ep1.el4.noarch", "product": { "name": "jgroups-1:2.4.7-1.ep1.el4.noarch", "product_id": "jgroups-1:2.4.7-1.ep1.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jgroups@2.4.7-1.ep1.el4?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "product": { "name": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "product_id": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/hibernate3@3.2.4-1.SP1_CP09.0jpp.ep1.1.el4?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "product": { "name": "hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "product_id": "hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/hibernate3-javadoc@3.2.4-1.SP1_CP09.0jpp.ep1.1.el4?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "product": { "name": "hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "product_id": "hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/hibernate3-annotations@3.3.1-1.11.GA_CP02.ep1.el4?arch=noarch" } } }, { "category": "product_version", "name": "hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "product": { "name": "hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "product_id": "hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/hibernate3-annotations-javadoc@3.3.1-1.11.GA_CP02.ep1.el4?arch=noarch" } } }, { "category": "product_version", "name": "hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "product": { "name": "hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "product_id": "hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/hibernate3-entitymanager@3.3.2-2.5.GA_CP01.ep1.el4?arch=noarch" } } }, { "category": "product_version", "name": "hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "product": { "name": "hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "product_id": "hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/hibernate3-entitymanager-javadoc@3.3.2-2.5.GA_CP01.ep1.el4?arch=noarch" } } }, { "category": "product_version", "name": "jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.noarch", "product": { "name": "jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.noarch", "product_id": "jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-messaging@1.4.0-3.SP3_CP09.4.ep1.el4?arch=noarch" } } }, { "category": "product_version", "name": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "product": { "name": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "product_id": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossweb@2.0.0-6.CP12.0jpp.ep1.2.el4?arch=noarch" } } }, { "category": "product_version", "name": "glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "product": { "name": "glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "product_id": "glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/glassfish-jsf@1.2_13-2.1.ep1.el4?arch=noarch" } } }, { "category": "product_version", "name": "jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "product": { "name": "jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "product_id": "jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-common@1.2.1-0jpp.ep1.3.el4?arch=noarch" } } }, { "category": "product_version", "name": "jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "product": { "name": "jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "product_id": "jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jakarta-commons-logging-jboss@1.1-9.ep1.el4?arch=noarch" } } }, { "category": "product_version", "name": "jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "product": { "name": "jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "product_id": "jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossws@2.0.1-4.SP2_CP07.2.ep1.el4?arch=noarch" } } }, { "category": "product_version", "name": "jbossws-native42-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "product": { "name": "jbossws-native42-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "product_id": "jbossws-native42-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossws-native42@2.0.1-4.SP2_CP07.2.ep1.el4?arch=noarch" } } }, { "category": "product_version", "name": "jcommon-0:1.0.16-1.1.ep1.el4.noarch", "product": { "name": "jcommon-0:1.0.16-1.1.ep1.el4.noarch", "product_id": "jcommon-0:1.0.16-1.1.ep1.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jcommon@1.0.16-1.1.ep1.el4?arch=noarch" } } }, { "category": "product_version", "name": "jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "product": { "name": "jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "product_id": "jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jfreechart@1.0.13-2.3.1.ep1.el4?arch=noarch" } } }, { "category": "product_version", "name": "jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "product": { "name": "jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "product_id": "jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jacorb@2.3.0-1jpp.ep1.9.el4?arch=noarch" } } }, { "category": "product_version", "name": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "product": { "name": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "product_id": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossts@4.2.3-1.SP5_CP08.1jpp.ep1.1.el4?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "product": { "name": "jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "product_id": "jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas@4.3.0-6.GA_CP07.4.ep1.el4?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-client-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "product": { "name": "jbossas-client-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "product_id": "jbossas-client-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-client@4.3.0-6.GA_CP07.4.ep1.el4?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "product": { "name": "jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "product_id": "jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-4.3.0.GA_CP07-bin@4.3.0-6.GA_CP07.4.ep1.el4?arch=noarch" } } }, { "category": "product_version", "name": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "product": { "name": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "product_id": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-seam@1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4?arch=noarch" } } }, { "category": "product_version", "name": "jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "product": { "name": "jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "product_id": "jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-seam-docs@1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4?arch=noarch" } } }, { "category": "product_version", "name": "jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.noarch", "product": { "name": "jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.noarch", "product_id": "jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-seam2@2.0.2.FP-1.ep1.21.el4?arch=noarch" } } }, { "category": "product_version", "name": "jboss-seam2-docs-0:2.0.2.FP-1.ep1.21.el4.noarch", "product": { "name": "jboss-seam2-docs-0:2.0.2.FP-1.ep1.21.el4.noarch", "product_id": "jboss-seam2-docs-0:2.0.2.FP-1.ep1.21.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-seam2-docs@2.0.2.FP-1.ep1.21.el4?arch=noarch" } } }, { "category": "product_version", "name": "rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "product": { "name": "rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "product_id": "rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-eap-docs-examples@4.3.0-6.GA_CP07.ep1.3.el4?arch=noarch" } } }, { "category": "product_version", "name": "rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "product": { "name": "rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "product_id": "rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-eap-docs@4.3.0-6.GA_CP07.ep1.3.el4?arch=noarch" } } }, { "category": "product_version", "name": "glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "product": { "name": "glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "product_id": "glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/glassfish-javamail@1.4.2-0jpp.ep1.5.el4?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch" }, "product_reference": "glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src" }, "product_reference": "glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.noarch" }, "product_reference": "glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.noarch", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.src" }, "product_reference": "glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.src", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.ep1.el4.noarch" }, "product_reference": "glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.ep1.el4.noarch", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch" }, "product_reference": "glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "glassfish-jsf-0:1.2_13-2.1.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src" }, "product_reference": "glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch" }, "product_reference": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src" }, "product_reference": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch" }, "product_reference": "hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src" }, "product_reference": "hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch" }, "product_reference": "hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch" }, "product_reference": "hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src" }, "product_reference": "hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch" }, "product_reference": "hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch" }, "product_reference": "hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch" }, "product_reference": "jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jacorb-0:2.3.0-1jpp.ep1.9.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.src" }, "product_reference": "jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch" }, "product_reference": "jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src" }, "product_reference": "jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch" }, "product_reference": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src" }, "product_reference": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch" }, "product_reference": "jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-common-0:1.2.1-0jpp.ep1.3.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src" }, "product_reference": "jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.noarch" }, "product_reference": "jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.noarch", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.src" }, "product_reference": "jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.src", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch" }, "product_reference": "jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src" }, "product_reference": "jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch" }, "product_reference": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.src" }, "product_reference": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.src", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch" }, "product_reference": "jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.noarch" }, "product_reference": "jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.noarch", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.src" }, "product_reference": "jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.src", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-seam2-docs-0:2.0.2.FP-1.ep1.21.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.21.el4.noarch" }, "product_reference": "jboss-seam2-docs-0:2.0.2.FP-1.ep1.21.el4.noarch", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch" }, "product_reference": "jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.src" }, "product_reference": "jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.src", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch" }, "product_reference": "jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-client-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch" }, "product_reference": "jbossas-client-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch" }, "product_reference": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src" }, "product_reference": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch" }, "product_reference": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src" }, "product_reference": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch" }, "product_reference": "jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.src" }, "product_reference": "jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.src", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.noarch" }, "product_reference": "jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.noarch", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.src" }, "product_reference": "jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.src", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.noarch" }, "product_reference": "jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.noarch", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.src" }, "product_reference": "jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.src", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossws-native42-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch" }, "product_reference": "jbossws-native42-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jcommon-0:1.0.16-1.1.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.noarch" }, "product_reference": "jcommon-0:1.0.16-1.1.ep1.el4.noarch", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jcommon-0:1.0.16-1.1.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.src" }, "product_reference": "jcommon-0:1.0.16-1.1.ep1.el4.src", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch" }, "product_reference": "jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jfreechart-0:1.0.13-2.3.1.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.src" }, "product_reference": "jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jgroups-1:2.4.7-1.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.noarch" }, "product_reference": "jgroups-1:2.4.7-1.ep1.el4.noarch", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jgroups-1:2.4.7-1.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.src" }, "product_reference": "jgroups-1:2.4.7-1.ep1.el4.src", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch" }, "product_reference": "quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src" }, "product_reference": "quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch" }, "product_reference": "rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.src" }, "product_reference": "rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.src", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch" }, "product_reference": "rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch" }, "product_reference": "xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src" }, "product_reference": "xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch" }, "product_reference": "xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS", "product_id": "4AS-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src" }, "product_reference": "xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src", "relates_to_product_reference": "4AS-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch" }, "product_reference": "glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src" }, "product_reference": "glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.noarch" }, "product_reference": "glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.noarch", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.src" }, "product_reference": "glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.src", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.ep1.el4.noarch" }, "product_reference": "glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.ep1.el4.noarch", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch" }, "product_reference": "glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "glassfish-jsf-0:1.2_13-2.1.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src" }, "product_reference": "glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch" }, "product_reference": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src" }, "product_reference": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch" }, "product_reference": "hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src" }, "product_reference": "hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch" }, "product_reference": "hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch" }, "product_reference": "hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src" }, "product_reference": "hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch" }, "product_reference": "hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch" }, "product_reference": "hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch" }, "product_reference": "jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jacorb-0:2.3.0-1jpp.ep1.9.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.src" }, "product_reference": "jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch" }, "product_reference": "jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src" }, "product_reference": "jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch" }, "product_reference": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src" }, "product_reference": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch" }, "product_reference": "jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-common-0:1.2.1-0jpp.ep1.3.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src" }, "product_reference": "jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.noarch" }, "product_reference": "jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.noarch", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.src" }, "product_reference": "jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.src", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch" }, "product_reference": "jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src" }, "product_reference": "jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch" }, "product_reference": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.src" }, "product_reference": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.src", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch" }, "product_reference": "jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.noarch" }, "product_reference": "jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.noarch", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.src" }, "product_reference": "jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.src", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-seam2-docs-0:2.0.2.FP-1.ep1.21.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.21.el4.noarch" }, "product_reference": "jboss-seam2-docs-0:2.0.2.FP-1.ep1.21.el4.noarch", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch" }, "product_reference": "jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.src" }, "product_reference": "jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.src", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch" }, "product_reference": "jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-client-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch" }, "product_reference": "jbossas-client-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch" }, "product_reference": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src" }, "product_reference": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch" }, "product_reference": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src" }, "product_reference": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch" }, "product_reference": "jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.src" }, "product_reference": "jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.src", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.noarch" }, "product_reference": "jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.noarch", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.src" }, "product_reference": "jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.src", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.noarch" }, "product_reference": "jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.noarch", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.src" }, "product_reference": "jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.src", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossws-native42-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch" }, "product_reference": "jbossws-native42-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jcommon-0:1.0.16-1.1.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.noarch" }, "product_reference": "jcommon-0:1.0.16-1.1.ep1.el4.noarch", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jcommon-0:1.0.16-1.1.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.src" }, "product_reference": "jcommon-0:1.0.16-1.1.ep1.el4.src", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch" }, "product_reference": "jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jfreechart-0:1.0.13-2.3.1.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.src" }, "product_reference": "jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jgroups-1:2.4.7-1.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.noarch" }, "product_reference": "jgroups-1:2.4.7-1.ep1.el4.noarch", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "jgroups-1:2.4.7-1.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.src" }, "product_reference": "jgroups-1:2.4.7-1.ep1.el4.src", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch" }, "product_reference": "quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src" }, "product_reference": "quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch" }, "product_reference": "rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.src" }, "product_reference": "rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.src", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch" }, "product_reference": "rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch" }, "product_reference": "xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src" }, "product_reference": "xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch" }, "product_reference": "xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "relates_to_product_reference": "4ES-JBEAP-4.3.0" }, { "category": "default_component_of", "full_product_name": { "name": "xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES", "product_id": "4ES-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src" }, "product_reference": "xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src", "relates_to_product_reference": "4ES-JBEAP-4.3.0" } ] }, "vulnerabilities": [ { "cve": "CVE-2009-0217", "discovery_date": "2009-07-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "511915" } ], "notes": [ { "category": "description", "text": "The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, and 8.1 SP6; (3) Mono before 2.4.2.2; (4) XML Security Library before 1.2.12; (5) IBM WebSphere Application Server Versions 6.0 through 6.0.2.33, 6.1 through 6.1.0.23, and 7.0 through 7.0.0.1; (6) Sun JDK and JRE Update 14 and earlier; (7) Microsoft .NET Framework 3.0 through 3.0 SP2, 3.5, and 4.0; and other products uses a parameter that defines an HMAC truncation length (HMACOutputLength) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits.", "title": "Vulnerability description" }, { "category": "summary", "text": "xml-security-1.3.0-1jpp.ep1.*: XMLDsig HMAC-based signatures spoofing and authentication bypass", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.src", "4AS-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4AS-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4AS-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4AS-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.src", "4AS-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.noarch", "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.src", "4AS-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.21.el4.noarch", "4AS-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4AS-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.src", "4AS-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4AS-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.src", "4AS-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4AS-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4AS-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src", "4ES-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.src", "4ES-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4ES-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4ES-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4ES-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.src", "4ES-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.noarch", "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.src", "4ES-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.21.el4.noarch", "4ES-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4ES-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.src", "4ES-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4ES-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.src", "4ES-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4ES-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4ES-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-0217" }, { "category": "external", "summary": "RHBZ#511915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=511915" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-0217", "url": "https://www.cve.org/CVERecord?id=CVE-2009-0217" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-0217", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0217" } ], "release_date": "2009-07-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-12-09T23:14:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.src", "4AS-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4AS-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4AS-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4AS-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.src", "4AS-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.noarch", "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.src", "4AS-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.21.el4.noarch", "4AS-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4AS-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.src", "4AS-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4AS-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.src", "4AS-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4AS-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4AS-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src", "4ES-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.src", "4ES-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4ES-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4ES-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4ES-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.src", "4ES-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.noarch", "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.src", "4ES-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.21.el4.noarch", "4ES-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4ES-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.src", "4ES-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4ES-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.src", "4ES-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4ES-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4ES-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1636" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "4AS-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.src", "4AS-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4AS-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4AS-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4AS-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.src", "4AS-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.noarch", "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.src", "4AS-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.21.el4.noarch", "4AS-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4AS-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.src", "4AS-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4AS-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.src", "4AS-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4AS-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4AS-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src", "4ES-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.src", "4ES-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4ES-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4ES-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4ES-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.src", "4ES-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.noarch", "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.src", "4ES-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.21.el4.noarch", "4ES-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4ES-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.src", "4ES-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4ES-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.src", "4ES-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4ES-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4ES-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "xml-security-1.3.0-1jpp.ep1.*: XMLDsig HMAC-based signatures spoofing and authentication bypass" }, { "cve": "CVE-2009-1380", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2009-05-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "511224" } ], "notes": [ { "category": "description", "text": "Cross-site scripting (XSS) vulnerability in JMX-Console in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP08 and 4.3 before 4.3.0.CP07 allows remote attackers to inject arbitrary web script or HTML via the filter parameter, related to the key property and the position of quote and colon characters.", "title": "Vulnerability description" }, { "category": "summary", "text": "jbossas JMX-Console cross-site-scripting in filter parameter", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.src", "4AS-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4AS-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4AS-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4AS-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.src", "4AS-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.noarch", "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.src", "4AS-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.21.el4.noarch", "4AS-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4AS-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.src", "4AS-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4AS-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.src", "4AS-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4AS-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4AS-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src", "4ES-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.src", "4ES-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4ES-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4ES-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4ES-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.src", "4ES-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.noarch", "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.src", "4ES-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.21.el4.noarch", "4ES-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4ES-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.src", "4ES-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4ES-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.src", "4ES-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4ES-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4ES-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-1380" }, { "category": "external", "summary": "RHBZ#511224", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=511224" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-1380", "url": "https://www.cve.org/CVERecord?id=CVE-2009-1380" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1380", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1380" } ], "release_date": "2009-12-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-12-09T23:14:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.src", "4AS-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4AS-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4AS-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4AS-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.src", "4AS-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.noarch", "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.src", "4AS-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.21.el4.noarch", "4AS-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4AS-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.src", "4AS-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4AS-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.src", "4AS-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4AS-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4AS-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src", "4ES-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.src", "4ES-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4ES-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4ES-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4ES-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.src", "4ES-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.noarch", "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.src", "4ES-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.21.el4.noarch", "4ES-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4ES-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.src", "4ES-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4ES-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.src", "4ES-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4ES-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4ES-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1636" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "4AS-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.src", "4AS-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4AS-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4AS-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4AS-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.src", "4AS-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.noarch", "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.src", "4AS-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.21.el4.noarch", "4AS-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4AS-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.src", "4AS-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4AS-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.src", "4AS-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4AS-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4AS-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src", "4ES-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.src", "4ES-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4ES-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4ES-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4ES-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.src", "4ES-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.noarch", "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.src", "4ES-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.21.el4.noarch", "4ES-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4ES-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.src", "4ES-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4ES-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.src", "4ES-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4ES-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4ES-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jbossas JMX-Console cross-site-scripting in filter parameter" }, { "cve": "CVE-2009-2405", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2009-07-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "510023" } ], "notes": [ { "category": "description", "text": "Multiple cross-site scripting (XSS) vulnerabilities in the Web Console in the Application Server in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2.0 before 4.2.0.CP08, 4.2.2GA, 4.3 before 4.3.0.CP07, and 5.1.0GA allow remote attackers to inject arbitrary web script or HTML via the (1) monitorName, (2) objectName, (3) attribute, or (4) period parameter to createSnapshot.jsp, or the (5) monitorName, (6) objectName, (7) attribute, (8) threshold, (9) period, or (10) enabled parameter to createThresholdMonitor.jsp. NOTE: some of these details are obtained from third party information.", "title": "Vulnerability description" }, { "category": "summary", "text": "JBoss Application Server Web Console XSS", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw does not affect Red Hat JBoss Enterprise Application Platform 5 or 6. Older versions of the community JBoss Application Server 5.x may be affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.src", "4AS-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4AS-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4AS-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4AS-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.src", "4AS-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.noarch", "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.src", "4AS-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.21.el4.noarch", "4AS-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4AS-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.src", "4AS-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4AS-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.src", "4AS-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4AS-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4AS-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src", "4ES-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.src", "4ES-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4ES-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4ES-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4ES-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.src", "4ES-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.noarch", "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.src", "4ES-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.21.el4.noarch", "4ES-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4ES-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.src", "4ES-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4ES-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.src", "4ES-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4ES-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4ES-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2405" }, { "category": "external", "summary": "RHBZ#510023", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=510023" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2405", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2405" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2405", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2405" } ], "release_date": "2009-07-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-12-09T23:14:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.src", "4AS-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4AS-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4AS-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4AS-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.src", "4AS-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.noarch", "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.src", "4AS-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.21.el4.noarch", "4AS-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4AS-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.src", "4AS-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4AS-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.src", "4AS-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4AS-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4AS-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src", "4ES-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.src", "4ES-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4ES-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4ES-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4ES-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.src", "4ES-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.noarch", "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.src", "4ES-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.21.el4.noarch", "4ES-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4ES-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.src", "4ES-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4ES-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.src", "4ES-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4ES-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4ES-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1636" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "4AS-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.src", "4AS-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4AS-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4AS-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4AS-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.src", "4AS-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.noarch", "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.src", "4AS-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.21.el4.noarch", "4AS-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4AS-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.src", "4AS-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4AS-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.src", "4AS-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4AS-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4AS-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src", "4ES-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.src", "4ES-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4ES-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4ES-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4ES-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.src", "4ES-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.noarch", "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.src", "4ES-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.21.el4.noarch", "4ES-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4ES-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.src", "4ES-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4ES-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.src", "4ES-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4ES-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4ES-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JBoss Application Server Web Console XSS" }, { "cve": "CVE-2009-2625", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512921" } ], "notes": [ { "category": "description", "text": "XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: XML parsing Denial-Of-Service (6845701)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.src", "4AS-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4AS-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4AS-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4AS-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.src", "4AS-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.noarch", "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.src", "4AS-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.21.el4.noarch", "4AS-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4AS-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.src", "4AS-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4AS-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.src", "4AS-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4AS-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4AS-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src", "4ES-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.src", "4ES-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4ES-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4ES-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4ES-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.src", "4ES-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.noarch", "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.src", "4ES-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.21.el4.noarch", "4ES-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4ES-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.src", "4ES-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4ES-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.src", "4ES-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4ES-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4ES-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2625" }, { "category": "external", "summary": "RHBZ#512921", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512921" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2625", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2625" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2625", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2625" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-12-09T23:14:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.src", "4AS-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4AS-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4AS-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4AS-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.src", "4AS-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.noarch", "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.src", "4AS-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.21.el4.noarch", "4AS-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4AS-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.src", "4AS-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4AS-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.src", "4AS-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4AS-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4AS-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src", "4ES-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.src", "4ES-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4ES-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4ES-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4ES-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.src", "4ES-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.noarch", "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.src", "4ES-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.21.el4.noarch", "4ES-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4ES-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.src", "4ES-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4ES-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.src", "4ES-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4ES-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4ES-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1636" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "4AS-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.src", "4AS-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4AS-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4AS-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4AS-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.src", "4AS-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.noarch", "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.src", "4AS-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.21.el4.noarch", "4AS-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4AS-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.src", "4AS-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4AS-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.src", "4AS-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4AS-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4AS-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src", "4ES-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.src", "4ES-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4ES-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4ES-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4ES-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.src", "4ES-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.noarch", "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.src", "4ES-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.21.el4.noarch", "4ES-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4ES-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.src", "4ES-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4ES-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.src", "4ES-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4ES-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4ES-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: XML parsing Denial-Of-Service (6845701)" }, { "cve": "CVE-2009-3554", "discovery_date": "2009-10-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "539495" } ], "notes": [ { "category": "description", "text": "Twiddle in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP08 and 4.3 before 4.3.0.CP07 writes the JMX password, and other command-line arguments, to the twiddle.log file, which allows local users to obtain sensitive information by reading this file.", "title": "Vulnerability description" }, { "category": "summary", "text": "JBoss EAP Twiddle logs the JMX password", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.src", "4AS-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4AS-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4AS-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4AS-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.src", "4AS-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.noarch", "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.src", "4AS-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.21.el4.noarch", "4AS-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4AS-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.src", "4AS-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4AS-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.src", "4AS-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4AS-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4AS-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src", "4ES-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.src", "4ES-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4ES-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4ES-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4ES-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.src", "4ES-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.noarch", "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.src", "4ES-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.21.el4.noarch", "4ES-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4ES-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.src", "4ES-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4ES-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.src", "4ES-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4ES-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4ES-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-3554" }, { "category": "external", "summary": "RHBZ#539495", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=539495" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3554", "url": "https://www.cve.org/CVERecord?id=CVE-2009-3554" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3554", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3554" } ], "release_date": "2009-10-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-12-09T23:14:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.src", "4AS-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4AS-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4AS-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4AS-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.src", "4AS-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.noarch", "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.src", "4AS-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.21.el4.noarch", "4AS-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4AS-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.src", "4AS-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4AS-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.src", "4AS-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4AS-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4AS-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src", "4ES-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.src", "4ES-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4ES-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4ES-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4ES-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.src", "4ES-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.noarch", "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.src", "4ES-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.21.el4.noarch", "4ES-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4ES-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.src", "4ES-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4ES-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.src", "4ES-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4ES-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4ES-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1636" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "4AS-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.src", "4AS-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4AS-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4AS-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4AS-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4AS-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4AS-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4AS-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.src", "4AS-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.noarch", "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.src", "4AS-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.21.el4.noarch", "4AS-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4AS-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4AS-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.src", "4AS-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4AS-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.src", "4AS-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4AS-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4AS-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src", "4ES-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-javamail-0:1.4.2-0jpp.ep1.5.el4.src", "4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.12.patch03.ep1.el4.src", "4ES-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.12.patch03.ep1.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:glassfish-jsf-0:1.2_13-2.1.ep1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.11.GA_CP02.ep1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.11.GA_CP02.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.5.GA_CP01.ep1.el4.src", "4ES-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.GA_CP01.ep1.el4.noarch", "4ES-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.1.el4.noarch", "4ES-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.noarch", "4ES-JBEAP-4.3.0:jacorb-0:2.3.0-1jpp.ep1.9.el4.src", "4ES-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jakarta-commons-logging-jboss-0:1.1-9.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.noarch", "4ES-JBEAP-4.3.0:jboss-common-0:1.2.1-0jpp.ep1.3.el4.src", "4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-3.SP3_CP09.4.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el4.src", "4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.src", "4ES-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.18.el4.noarch", "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.noarch", "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.21.el4.src", "4ES-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.21.el4.noarch", "4ES-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossas-0:4.3.0-6.GA_CP07.4.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossas-4.3.0.GA_CP07-bin-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossas-client-0:4.3.0-6.GA_CP07.4.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.noarch", "4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el4.src", "4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.noarch", "4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el4.src", "4ES-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossws-0:2.0.1-4.SP2_CP07.2.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP05.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP05.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jbossws-native42-0:2.0.1-4.SP2_CP07.2.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jcommon-0:1.0.16-1.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jfreechart-0:1.0.13-2.3.1.ep1.el4.src", "4ES-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:jgroups-1:2.4.7-1.ep1.el4.src", "4ES-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.noarch", "4ES-JBEAP-4.3.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.el4.src", "4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-6.GA_CP07.ep1.3.el4.src", "4ES-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-6.GA_CP07.ep1.3.el4.noarch", "4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.noarch", "4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.4.patch_02.1.ep1.el4.src", "4ES-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.noarch", "4ES-JBEAP-4.3.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.el4.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JBoss EAP Twiddle logs the JMX password" } ] }
rhsa-2009_1694
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated java-1.6.0-ibm packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.\n\nThis update has been rated as having critical security impact by the Red\nHat Security Response Team.", "title": "Topic" }, { "category": "general", "text": "The IBM 1.6.0 Java release includes the IBM Java 2 Runtime Environment and\nthe IBM Java 2 Software Development Kit.\n\nThis update fixes several vulnerabilities in the IBM Java 2 Runtime\nEnvironment and the IBM Java 2 Software Development Kit. These\nvulnerabilities are summarized on the IBM \"Security alerts\" page listed in\nthe References section. (CVE-2009-0217, CVE-2009-3865, CVE-2009-3866,\nCVE-2009-3867, CVE-2009-3868, CVE-2009-3869, CVE-2009-3871, CVE-2009-3872,\nCVE-2009-3873, CVE-2009-3874, CVE-2009-3875, CVE-2009-3876, CVE-2009-3877)\n\nAll users of java-1.6.0-ibm are advised to upgrade to these updated\npackages, containing the IBM 1.6.0 SR7 Java release. All running instances\nof IBM Java must be restarted for the update to take effect.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2009:1694", "url": "https://access.redhat.com/errata/RHSA-2009:1694" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "http://www.ibm.com/developerworks/java/jdk/alerts/", "url": "http://www.ibm.com/developerworks/java/jdk/alerts/" }, { "category": "external", "summary": "511915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=511915" }, { "category": "external", "summary": "530053", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530053" }, { "category": "external", "summary": "530057", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530057" }, { "category": "external", "summary": "530061", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530061" }, { "category": "external", "summary": "530062", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530062" }, { "category": "external", "summary": "530063", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530063" }, { "category": "external", "summary": "530067", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530067" }, { "category": "external", "summary": "532906", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=532906" }, { "category": "external", "summary": "533211", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=533211" }, { "category": "external", "summary": "533212", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=533212" }, { "category": "external", "summary": "533214", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=533214" }, { "category": "external", "summary": "533215", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=533215" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_1694.json" } ], "title": "Red Hat Security Advisory: java-1.6.0-ibm security update", "tracking": { "current_release_date": "2024-11-05T17:12:31+00:00", "generator": { "date": "2024-11-05T17:12:31+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2009:1694", "initial_release_date": "2009-12-23T17:33:00+00:00", "revision_history": [ { "date": "2009-12-23T17:33:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2009-12-23T12:33:56+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-05T17:12:31+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AS version 4 Extras", "product": { "name": "Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:4" } } }, { "category": "product_name", "name": "Red Hat Desktop version 4 Extras", "product": { "name": "Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:4" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux ES version 4 Extras", "product": { "name": "Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:4" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux WS version 4 Extras", "product": { "name": "Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:4" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product": { "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:5::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Supplementary (v. 5)", "product": { "name": "Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:5::server" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux Supplementary" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "product": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "product_id": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-jdbc@1.6.0.7-1jpp.3.el4?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "product": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "product_id": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-javacomm@1.6.0.7-1jpp.3.el4?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "product": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "product_id": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-src@1.6.0.7-1jpp.3.el4?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.7-1jpp.3.el4?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "product": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "product_id": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.7-1jpp.3.el4?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "product": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "product_id": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-demo@1.6.0.7-1jpp.3.el4?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "product": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "product_id": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-plugin@1.6.0.7-1jpp.3.el4?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "product": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "product_id": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-jdbc@1.6.0.7-1jpp.2.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "product": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "product_id": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-plugin@1.6.0.7-1jpp.2.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "product": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "product_id": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-demo@1.6.0.7-1jpp.2.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "product": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "product_id": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-src@1.6.0.7-1jpp.2.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "product": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "product_id": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.7-1jpp.2.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.7-1jpp.2.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "product": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "product_id": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-javacomm@1.6.0.7-1jpp.2.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "product": { "name": "java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "product_id": "java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-accessibility@1.6.0.7-1jpp.2.el5?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "product": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "product_id": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-jdbc@1.6.0.7-1jpp.3.el4?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "product": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "product_id": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-javacomm@1.6.0.7-1jpp.3.el4?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "product": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "product_id": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-src@1.6.0.7-1jpp.3.el4?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.7-1jpp.3.el4?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "product": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "product_id": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.7-1jpp.3.el4?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "product": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "product_id": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-demo@1.6.0.7-1jpp.3.el4?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "product": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "product_id": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-plugin@1.6.0.7-1jpp.3.el4?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "product": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "product_id": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-jdbc@1.6.0.7-1jpp.2.el5?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "product": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "product_id": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-plugin@1.6.0.7-1jpp.2.el5?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "product": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "product_id": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-demo@1.6.0.7-1jpp.2.el5?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "product": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "product_id": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-src@1.6.0.7-1jpp.2.el5?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "product": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "product_id": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.7-1jpp.2.el5?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.7-1jpp.2.el5?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "product": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "product_id": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-javacomm@1.6.0.7-1jpp.2.el5?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "product": { "name": "java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "product_id": "java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-accessibility@1.6.0.7-1jpp.2.el5?arch=i386\u0026epoch=1" } } } ], "category": "architecture", "name": "i386" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "product": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "product_id": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-jdbc@1.6.0.7-1jpp.3.el4?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "product": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "product_id": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-javacomm@1.6.0.7-1jpp.3.el4?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "product": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "product_id": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-src@1.6.0.7-1jpp.3.el4?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.7-1jpp.3.el4?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "product": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "product_id": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.7-1jpp.3.el4?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "product": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "product_id": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-demo@1.6.0.7-1jpp.3.el4?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "product": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "product_id": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-jdbc@1.6.0.7-1jpp.2.el5?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "product": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "product_id": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-demo@1.6.0.7-1jpp.2.el5?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "product": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "product_id": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-src@1.6.0.7-1jpp.2.el5?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "product": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "product_id": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.7-1jpp.2.el5?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.7-1jpp.2.el5?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "product": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "product_id": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-javacomm@1.6.0.7-1jpp.2.el5?arch=ppc64\u0026epoch=1" } } } ], "category": "architecture", "name": "ppc64" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "product": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "product_id": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-jdbc@1.6.0.7-1jpp.3.el4?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "product": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "product_id": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-javacomm@1.6.0.7-1jpp.3.el4?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "product": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "product_id": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-src@1.6.0.7-1jpp.3.el4?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.7-1jpp.3.el4?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "product": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "product_id": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.7-1jpp.3.el4?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "product": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "product_id": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-demo@1.6.0.7-1jpp.3.el4?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "product": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "product_id": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-plugin@1.6.0.7-1jpp.3.el4?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "product": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "product_id": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-jdbc@1.6.0.7-1jpp.2.el5?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "product": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "product_id": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-plugin@1.6.0.7-1jpp.2.el5?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "product": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "product_id": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-demo@1.6.0.7-1jpp.2.el5?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "product": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "product_id": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-src@1.6.0.7-1jpp.2.el5?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "product": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "product_id": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.7-1jpp.2.el5?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.7-1jpp.2.el5?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "product": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "product_id": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-javacomm@1.6.0.7-1jpp.2.el5?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "product": { "name": "java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "product_id": "java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-accessibility@1.6.0.7-1jpp.2.el5?arch=ppc\u0026epoch=1" } } } ], "category": "architecture", "name": "ppc" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "product": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "product_id": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-jdbc@1.6.0.7-1jpp.3.el4?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "product": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "product_id": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-src@1.6.0.7-1jpp.3.el4?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.7-1jpp.3.el4?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "product": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "product_id": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.7-1jpp.3.el4?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "product": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "product_id": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-demo@1.6.0.7-1jpp.3.el4?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "product": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "product_id": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-jdbc@1.6.0.7-1jpp.2.el5?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "product": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "product_id": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-demo@1.6.0.7-1jpp.2.el5?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "product": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "product_id": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-src@1.6.0.7-1jpp.2.el5?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "product": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "product_id": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.7-1jpp.2.el5?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.7-1jpp.2.el5?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "product": { "name": "java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "product_id": "java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-accessibility@1.6.0.7-1jpp.2.el5?arch=s390x\u0026epoch=1" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "product": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "product_id": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-jdbc@1.6.0.7-1jpp.3.el4?arch=s390\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "product": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "product_id": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-src@1.6.0.7-1jpp.3.el4?arch=s390\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.7-1jpp.3.el4?arch=s390\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "product": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "product_id": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.7-1jpp.3.el4?arch=s390\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "product": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "product_id": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-demo@1.6.0.7-1jpp.3.el4?arch=s390\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "product": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "product_id": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-jdbc@1.6.0.7-1jpp.2.el5?arch=s390\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "product": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "product_id": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-demo@1.6.0.7-1jpp.2.el5?arch=s390\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "product": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "product_id": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-src@1.6.0.7-1jpp.2.el5?arch=s390\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "product": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "product_id": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.7-1jpp.2.el5?arch=s390\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.7-1jpp.2.el5?arch=s390\u0026epoch=1" } } } ], "category": "architecture", "name": "s390" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386" }, "product_reference": "java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc" }, "product_reference": "java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x" }, "product_reference": "java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386" }, "product_reference": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc" }, "product_reference": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386" }, "product_reference": "java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc" }, "product_reference": "java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x" }, "product_reference": "java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386" }, "product_reference": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc" }, "product_reference": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary" } ] }, "vulnerabilities": [ { "cve": "CVE-2009-0217", "discovery_date": "2009-07-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "511915" } ], "notes": [ { "category": "description", "text": "The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, and 8.1 SP6; (3) Mono before 2.4.2.2; (4) XML Security Library before 1.2.12; (5) IBM WebSphere Application Server Versions 6.0 through 6.0.2.33, 6.1 through 6.1.0.23, and 7.0 through 7.0.0.1; (6) Sun JDK and JRE Update 14 and earlier; (7) Microsoft .NET Framework 3.0 through 3.0 SP2, 3.5, and 4.0; and other products uses a parameter that defines an HMAC truncation length (HMACOutputLength) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits.", "title": "Vulnerability description" }, { "category": "summary", "text": "xml-security-1.3.0-1jpp.ep1.*: XMLDsig HMAC-based signatures spoofing and authentication bypass", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-0217" }, { "category": "external", "summary": "RHBZ#511915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=511915" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-0217", "url": "https://www.cve.org/CVERecord?id=CVE-2009-0217" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-0217", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0217" } ], "release_date": "2009-07-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-12-23T17:33:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1694" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "xml-security-1.3.0-1jpp.ep1.*: XMLDsig HMAC-based signatures spoofing and authentication bypass" }, { "cve": "CVE-2009-3555", "cwe": { "id": "CWE-300", "name": "Channel Accessible by Non-Endpoint" }, "discovery_date": "2009-10-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "533125" } ], "notes": [ { "category": "description", "text": "The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a \"plaintext injection\" attack, aka the \"Project Mogul\" issue.", "title": "Vulnerability description" }, { "category": "summary", "text": "TLS: MITM attacks via session renegotiation", "title": "Vulnerability summary" }, { "category": "other", "text": "Additional information can be found in the Red Hat Knowledgebase article:\nhttps://access.redhat.com/articles/20490", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-3555" }, { "category": "external", "summary": "RHBZ#533125", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=533125" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3555", "url": "https://www.cve.org/CVERecord?id=CVE-2009-3555" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3555", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3555" } ], "release_date": "2009-11-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-12-23T17:33:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1694" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "TLS: MITM attacks via session renegotiation" }, { "cve": "CVE-2009-3865", "discovery_date": "2009-11-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "533211" } ], "notes": [ { "category": "description", "text": "The launch method in the Deployment Toolkit plugin in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 6 before Update 17 allows remote attackers to execute arbitrary commands via a crafted web page, aka Bug Id 6869752.", "title": "Vulnerability description" }, { "category": "summary", "text": "java-1.6.0-sun: ACE in JRE Deployment Toolkit (6869752)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-3865" }, { "category": "external", "summary": "RHBZ#533211", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=533211" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3865", "url": "https://www.cve.org/CVERecord?id=CVE-2009-3865" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3865", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3865" } ], "release_date": "2009-11-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-12-23T17:33:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1694" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "java-1.6.0-sun: ACE in JRE Deployment Toolkit (6869752)" }, { "cve": "CVE-2009-3866", "discovery_date": "2009-11-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "533212" } ], "notes": [ { "category": "description", "text": "The Java Web Start Installer in Sun Java SE in JDK and JRE 6 before Update 17 does not properly use security model permissions when removing installer extensions, which allows remote attackers to execute arbitrary code by modifying a certain JNLP file to have a URL field that points to an unintended trusted application, aka Bug Id 6872824.", "title": "Vulnerability description" }, { "category": "summary", "text": "java-1.6.0-sun: Privilege escalation in the Java Web Start Installer (6872824)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-3866" }, { "category": "external", "summary": "RHBZ#533212", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=533212" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3866", "url": "https://www.cve.org/CVERecord?id=CVE-2009-3866" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3866", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3866" } ], "release_date": "2009-11-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-12-23T17:33:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1694" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "java-1.6.0-sun: Privilege escalation in the Java Web Start Installer (6872824)" }, { "cve": "CVE-2009-3867", "cwe": { "id": "CWE-121", "name": "Stack-based Buffer Overflow" }, "discovery_date": "2009-11-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "533214" } ], "notes": [ { "category": "description", "text": "Stack-based buffer overflow in the HsbParser.getSoundBank function in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a long file: URL in an argument, aka Bug Id 6854303.", "title": "Vulnerability description" }, { "category": "summary", "text": "java-1.6.0-sun: Stack-based buffer overflow via a long file: URL argument (6854303)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-3867" }, { "category": "external", "summary": "RHBZ#533214", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=533214" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3867", "url": "https://www.cve.org/CVERecord?id=CVE-2009-3867" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3867", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3867" } ], "release_date": "2009-11-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-12-23T17:33:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1694" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "java-1.6.0-sun: Stack-based buffer overflow via a long file: URL argument (6854303)" }, { "cve": "CVE-2009-3868", "discovery_date": "2009-11-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "533215" } ], "notes": [ { "category": "description", "text": "Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 does not properly parse color profiles, which allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862970.", "title": "Vulnerability description" }, { "category": "summary", "text": "java-1.6.0-sun: Privilege escalation via crafted image file due improper color profiles parsing (6862970)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-3868" }, { "category": "external", "summary": "RHBZ#533215", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=533215" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3868", "url": "https://www.cve.org/CVERecord?id=CVE-2009-3868" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3868", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3868" } ], "release_date": "2009-11-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-12-23T17:33:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1694" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "java-1.6.0-sun: Privilege escalation via crafted image file due improper color profiles parsing (6862970)" }, { "cve": "CVE-2009-3869", "discovery_date": "2009-10-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "530062" } ], "notes": [ { "category": "description", "text": "Stack-based buffer overflow in the setDiffICM function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a crafted argument, aka Bug Id 6872357.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK JRE AWT setDifflCM stack overflow (6872357)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-3869" }, { "category": "external", "summary": "RHBZ#530062", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530062" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3869", "url": "https://www.cve.org/CVERecord?id=CVE-2009-3869" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3869", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3869" } ], "release_date": "2009-11-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-12-23T17:33:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1694" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK JRE AWT setDifflCM stack overflow (6872357)" }, { "cve": "CVE-2009-3871", "discovery_date": "2009-10-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "530063" } ], "notes": [ { "category": "description", "text": "Heap-based buffer overflow in the setBytePixels function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via crafted arguments, aka Bug Id 6872358.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK JRE AWT setBytePixels heap overflow (6872358)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-3871" }, { "category": "external", "summary": "RHBZ#530063", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530063" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3871", "url": "https://www.cve.org/CVERecord?id=CVE-2009-3871" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3871", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3871" } ], "release_date": "2009-11-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-12-23T17:33:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1694" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK JRE AWT setBytePixels heap overflow (6872358)" }, { "cve": "CVE-2009-3872", "discovery_date": "2009-11-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "532906" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the JPEG JFIF Decoder in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862969.", "title": "Vulnerability description" }, { "category": "summary", "text": "JRE JPEG JFIF Decoder issue (6862969)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-3872" }, { "category": "external", "summary": "RHBZ#532906", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=532906" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3872", "url": "https://www.cve.org/CVERecord?id=CVE-2009-3872" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3872", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3872" } ], "release_date": "2009-11-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-12-23T17:33:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1694" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JRE JPEG JFIF Decoder issue (6862969)" }, { "cve": "CVE-2009-3873", "discovery_date": "2009-10-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "530053" } ], "notes": [ { "category": "description", "text": "The JPEG Image Writer in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to gain privileges via a crafted image file, related to a \"quantization problem,\" aka Bug Id 6862968.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK JPEG Image Writer quantization problem (6862968)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-3873" }, { "category": "external", "summary": "RHBZ#530053", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530053" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3873", "url": "https://www.cve.org/CVERecord?id=CVE-2009-3873" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3873", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3873" } ], "release_date": "2009-11-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-12-23T17:33:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1694" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK JPEG Image Writer quantization problem (6862968)" }, { "cve": "CVE-2009-3874", "discovery_date": "2009-10-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "530067" } ], "notes": [ { "category": "description", "text": "Integer overflow in the JPEGImageReader implementation in the ImageI/O component in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via large subsample dimensions in a JPEG file that triggers a heap-based buffer overflow, aka Bug Id 6874643.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK ImageI/O JPEG heap overflow (6874643)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-3874" }, { "category": "external", "summary": "RHBZ#530067", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530067" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3874", "url": "https://www.cve.org/CVERecord?id=CVE-2009-3874" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3874", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3874" } ], "release_date": "2009-11-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-12-23T17:33:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1694" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK ImageI/O JPEG heap overflow (6874643)" }, { "cve": "CVE-2009-3875", "discovery_date": "2009-10-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "530057" } ], "notes": [ { "category": "description", "text": "The MessageDigest.isEqual function in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to spoof HMAC-based digital signatures, and possibly bypass authentication, via unspecified vectors related to \"timing attack vulnerabilities,\" aka Bug Id 6863503.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK MessageDigest.isEqual introduces timing attack vulnerabilities (6863503)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-3875" }, { "category": "external", "summary": "RHBZ#530057", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530057" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3875", "url": "https://www.cve.org/CVERecord?id=CVE-2009-3875" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3875", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3875" } ], "release_date": "2009-11-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-12-23T17:33:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1694" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK MessageDigest.isEqual introduces timing attack vulnerabilities (6863503)" }, { "cve": "CVE-2009-3876", "discovery_date": "2009-10-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "530061" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted DER encoded data, which is not properly decoded by the ASN.1 DER input stream parser, aka Bug Id 6864911.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK ASN.1/DER input stream parser denial of service (6864911) CVE-2009-3877", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-3876" }, { "category": "external", "summary": "RHBZ#530061", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530061" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3876", "url": "https://www.cve.org/CVERecord?id=CVE-2009-3876" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3876", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3876" } ], "release_date": "2009-11-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-12-23T17:33:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1694" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK ASN.1/DER input stream parser denial of service (6864911) CVE-2009-3877" }, { "cve": "CVE-2009-3877", "discovery_date": "2009-10-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "530061" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted HTTP headers, which are not properly parsed by the ASN.1 DER input stream parser, aka Bug Id 6864911.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK ASN.1/DER input stream parser denial of service (6864911) CVE-2009-3877", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-3877" }, { "category": "external", "summary": "RHBZ#530061", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530061" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3877", "url": "https://www.cve.org/CVERecord?id=CVE-2009-3877" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3877", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3877" } ], "release_date": "2009-11-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-12-23T17:33:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1694" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK ASN.1/DER input stream parser denial of service (6864911) CVE-2009-3877" } ] }
rhsa-2009_1650
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated JBoss Enterprise Application Platform (JBEAP) 4.2 packages that fix\nmultiple security issues, several bugs, and add enhancements are now\navailable for Red Hat Enterprise Linux 5 as JBEAP 4.2.0.CP08.\n\nThis update has been rated as having moderate security impact by the Red\nHat Security Response Team.", "title": "Topic" }, { "category": "general", "text": "JBoss Enterprise Application Platform is the market leading platform for\ninnovative and scalable Java applications; integrating the JBoss\nApplication Server, with JBoss Hibernate and JBoss Seam into a complete,\nsimple enterprise solution.\n\nThis release of JBEAP for Red Hat Enterprise Linux 5 serves as a\nreplacement to JBEAP 4.2.0.CP07.\n\nThese updated packages include bug fixes and enhancements which are\ndetailed in the Release Notes, available shortly from:\nhttp://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/\n\nThe following security issues are also fixed with this release:\n\nA missing check for the recommended minimum length of the truncated form of\nHMAC-based XML signatures was found in xml-security. An attacker could use\nthis flaw to create a specially-crafted XML file that forges an XML\nsignature, allowing the attacker to bypass authentication that is based on\nthe XML Signature specification. (CVE-2009-0217)\n\nSwatej Kumar discovered cross-site scripting (XSS) flaws in the JBoss\nApplication Server Web Console. An attacker could use these flaws to\npresent misleading data to an authenticated user, or execute arbitrary\nscripting code in the context of the authenticated user\u0027s browser session.\n(CVE-2009-2405)\n\nA flaw was found in the way the Apache Xerces2 Java Parser processed the\nSYSTEM identifier in DTDs. A remote attacker could provide a\nspecially-crafted XML file, which once parsed by an application using the\nApache Xerces2 Java Parser, would lead to a denial of service (application\nhang due to excessive CPU use). (CVE-2009-2625)\n\nAn information leak flaw was found in the twiddle command line client. The\nJMX password was logged in plain text to \"twiddle.log\". (CVE-2009-3554)\n\nAn XSS flaw was found in the JMX Console. An attacker could use this flaw\nto present misleading data to an authenticated user, or execute arbitrary\nscripting code in the context of the authenticated user\u0027s browser session.\n(CVE-2009-1380)\n\nWarning: Before applying this update, please backup the JBEAP\n\"server/[configuration]/deploy/\" directory, and any other customized\nconfiguration files.\n\nAll users of JBEAP 4.2 on Red Hat Enterprise Linux 5 are advised to upgrade\nto these updated packages.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2009:1650", "url": "https://access.redhat.com/errata/RHSA-2009:1650" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "http://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/", "url": "http://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/" }, { "category": "external", "summary": "510023", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=510023" }, { "category": "external", "summary": "511224", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=511224" }, { "category": "external", "summary": "511915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=511915" }, { "category": "external", "summary": "512921", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512921" }, { "category": "external", "summary": "532111", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=532111" }, { "category": "external", "summary": "539495", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=539495" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_1650.json" } ], "title": "Red Hat Security Advisory: JBoss Enterprise Application Platform 4.2.0.CP08 update", "tracking": { "current_release_date": "2024-11-05T17:11:54+00:00", "generator": { "date": "2024-11-05T17:11:54+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2009:1650", "initial_release_date": "2009-12-10T00:03:00+00:00", "revision_history": [ { "date": "2009-12-10T00:03:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2009-12-09T19:03:48+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-05T17:11:54+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product": { "name": "Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:4.2.0::el5" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" }, { "branches": [ { "category": "product_version", "name": "jgroups-1:2.4.7-1.ep1.el5.src", "product": { "name": "jgroups-1:2.4.7-1.ep1.el5.src", "product_id": "jgroups-1:2.4.7-1.ep1.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jgroups@2.4.7-1.ep1.el5?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "jboss-remoting-0:2.2.3-3.SP1.ep1.el5.src", "product": { "name": "jboss-remoting-0:2.2.3-3.SP1.ep1.el5.src", "product_id": "jboss-remoting-0:2.2.3-3.SP1.ep1.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-remoting@2.2.3-3.SP1.ep1.el5?arch=src" } } }, { "category": "product_version", "name": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.src", "product": { "name": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.src", "product_id": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/hibernate3@3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.src", "product": { "name": "hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.src", "product_id": "hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/hibernate3-annotations@3.3.1-1.11GA_CP02.ep1.el5?arch=src" } } }, { "category": "product_version", "name": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.src", "product": { "name": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.src", "product_id": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossts@4.2.3-1.SP5_CP08.1jpp.ep1.1.el5?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.src", "product": { "name": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.src", "product_id": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossweb@2.0.0-6.CP12.0jpp.ep1.2.el5?arch=src" } } }, { "category": "product_version", "name": "hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.src", "product": { "name": "hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.src", "product_id": "hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/hibernate3-entitymanager@3.3.2-2.5.1.ep1.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-seam-0:1.2.1-1.ep1.14.el5.src", "product": { "name": "jboss-seam-0:1.2.1-1.ep1.14.el5.src", "product_id": "jboss-seam-0:1.2.1-1.ep1.14.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-seam@1.2.1-1.ep1.14.el5?arch=src" } } }, { "category": "product_version", "name": "rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el5.src", "product": { "name": "rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el5.src", "product_id": "rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-eap-docs@4.2.0-6.GA_CP08.ep1.3.el5?arch=src" } } }, { "category": "product_version", "name": "quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.src", "product": { "name": "quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.src", "product_id": "quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/quartz@1.5.2-1jpp.patch01.ep1.4.1.el5?arch=src" } } }, { "category": "product_version", "name": "jacorb-0:2.3.0-1jpp.ep1.9.1.el5.src", "product": { "name": "jacorb-0:2.3.0-1jpp.ep1.9.1.el5.src", "product_id": "jacorb-0:2.3.0-1jpp.ep1.9.1.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jacorb@2.3.0-1jpp.ep1.9.1.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.src", "product": { "name": "jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.src", "product_id": "jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-common@1.2.1-0jpp.ep1.3.el5.1?arch=src" } } }, { "category": "product_version", "name": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.src", "product": { "name": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.src", "product_id": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-aop@1.5.5-3.CP04.2.ep1.el5?arch=src" } } }, { "category": "product_version", "name": "jcommon-0:1.0.16-1.1.ep1.el5.src", "product": { "name": "jcommon-0:1.0.16-1.1.ep1.el5.src", "product_id": "jcommon-0:1.0.16-1.1.ep1.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jcommon@1.0.16-1.1.ep1.el5?arch=src" } } }, { "category": "product_version", "name": "glassfish-jsf-0:1.2_13-2.1.ep1.el5.src", "product": { "name": "glassfish-jsf-0:1.2_13-2.1.ep1.el5.src", "product_id": "glassfish-jsf-0:1.2_13-2.1.ep1.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/glassfish-jsf@1.2_13-2.1.ep1.el5?arch=src" } } }, { "category": "product_version", "name": "jfreechart-0:1.0.13-2.3.1.ep1.el5.src", "product": { "name": "jfreechart-0:1.0.13-2.3.1.ep1.el5.src", "product_id": "jfreechart-0:1.0.13-2.3.1.ep1.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jfreechart@1.0.13-2.3.1.ep1.el5?arch=src" } } }, { "category": "product_version", "name": "xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.src", "product": { "name": "xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.src", "product_id": "xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/xml-security@1.3.0-1.3.patch01.ep1.2.1.el5?arch=src" } } }, { "category": "product_version", "name": "jbossas-0:4.2.0-5.GA_CP08.5.2.ep1.el5.src", "product": { "name": "jbossas-0:4.2.0-5.GA_CP08.5.2.ep1.el5.src", "product_id": "jbossas-0:4.2.0-5.GA_CP08.5.2.ep1.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas@4.2.0-5.GA_CP08.5.2.ep1.el5?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "jgroups-1:2.4.7-1.ep1.el5.noarch", "product": { "name": "jgroups-1:2.4.7-1.ep1.el5.noarch", "product_id": "jgroups-1:2.4.7-1.ep1.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jgroups@2.4.7-1.ep1.el5?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "jboss-remoting-0:2.2.3-3.SP1.ep1.el5.noarch", "product": { "name": "jboss-remoting-0:2.2.3-3.SP1.ep1.el5.noarch", "product_id": "jboss-remoting-0:2.2.3-3.SP1.ep1.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-remoting@2.2.3-3.SP1.ep1.el5?arch=noarch" } } }, { "category": "product_version", "name": "hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "product": { "name": "hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "product_id": "hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/hibernate3-javadoc@3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "product": { "name": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "product_id": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/hibernate3@3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "hibernate3-annotations-javadoc-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "product": { "name": "hibernate3-annotations-javadoc-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "product_id": "hibernate3-annotations-javadoc-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/hibernate3-annotations-javadoc@3.3.1-1.11GA_CP02.ep1.el5?arch=noarch" } } }, { "category": "product_version", "name": "hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "product": { "name": "hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "product_id": "hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/hibernate3-annotations@3.3.1-1.11GA_CP02.ep1.el5?arch=noarch" } } }, { "category": "product_version", "name": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.noarch", "product": { "name": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.noarch", "product_id": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossts@4.2.3-1.SP5_CP08.1jpp.ep1.1.el5?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.noarch", "product": { "name": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.noarch", "product_id": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossweb@2.0.0-6.CP12.0jpp.ep1.2.el5?arch=noarch" } } }, { "category": "product_version", "name": "hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.noarch", "product": { "name": "hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.noarch", "product_id": "hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/hibernate3-entitymanager@3.3.2-2.5.1.ep1.el5?arch=noarch" } } }, { "category": "product_version", "name": "hibernate3-entitymanager-javadoc-0:3.3.2-2.5.1.ep1.el5.noarch", "product": { "name": "hibernate3-entitymanager-javadoc-0:3.3.2-2.5.1.ep1.el5.noarch", "product_id": "hibernate3-entitymanager-javadoc-0:3.3.2-2.5.1.ep1.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/hibernate3-entitymanager-javadoc@3.3.2-2.5.1.ep1.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-seam-docs-0:1.2.1-1.ep1.14.el5.noarch", "product": { "name": "jboss-seam-docs-0:1.2.1-1.ep1.14.el5.noarch", "product_id": "jboss-seam-docs-0:1.2.1-1.ep1.14.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-seam-docs@1.2.1-1.ep1.14.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-seam-0:1.2.1-1.ep1.14.el5.noarch", "product": { "name": "jboss-seam-0:1.2.1-1.ep1.14.el5.noarch", "product_id": "jboss-seam-0:1.2.1-1.ep1.14.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-seam@1.2.1-1.ep1.14.el5?arch=noarch" } } }, { "category": "product_version", "name": "rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el5.noarch", "product": { "name": "rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el5.noarch", "product_id": "rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-eap-docs@4.2.0-6.GA_CP08.ep1.3.el5?arch=noarch" } } }, { "category": "product_version", "name": "rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el5.noarch", "product": { "name": "rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el5.noarch", "product_id": "rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-eap-docs-examples@4.2.0-6.GA_CP08.ep1.3.el5?arch=noarch" } } }, { "category": "product_version", "name": "quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.noarch", "product": { "name": "quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.noarch", "product_id": "quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/quartz@1.5.2-1jpp.patch01.ep1.4.1.el5?arch=noarch" } } }, { "category": "product_version", "name": "jacorb-0:2.3.0-1jpp.ep1.9.1.el5.noarch", "product": { "name": "jacorb-0:2.3.0-1jpp.ep1.9.1.el5.noarch", "product_id": "jacorb-0:2.3.0-1jpp.ep1.9.1.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jacorb@2.3.0-1jpp.ep1.9.1.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.noarch", "product": { "name": "jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.noarch", "product_id": "jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-common@1.2.1-0jpp.ep1.3.el5.1?arch=noarch" } } }, { "category": "product_version", "name": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.noarch", "product": { "name": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.noarch", "product_id": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-aop@1.5.5-3.CP04.2.ep1.el5?arch=noarch" } } }, { "category": "product_version", "name": "jcommon-0:1.0.16-1.1.ep1.el5.noarch", "product": { "name": "jcommon-0:1.0.16-1.1.ep1.el5.noarch", "product_id": "jcommon-0:1.0.16-1.1.ep1.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jcommon@1.0.16-1.1.ep1.el5?arch=noarch" } } }, { "category": "product_version", "name": "glassfish-jsf-0:1.2_13-2.1.ep1.el5.noarch", "product": { "name": "glassfish-jsf-0:1.2_13-2.1.ep1.el5.noarch", "product_id": "glassfish-jsf-0:1.2_13-2.1.ep1.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/glassfish-jsf@1.2_13-2.1.ep1.el5?arch=noarch" } } }, { "category": "product_version", "name": "jfreechart-0:1.0.13-2.3.1.ep1.el5.noarch", "product": { "name": "jfreechart-0:1.0.13-2.3.1.ep1.el5.noarch", "product_id": "jfreechart-0:1.0.13-2.3.1.ep1.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jfreechart@1.0.13-2.3.1.ep1.el5?arch=noarch" } } }, { "category": "product_version", "name": "xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.noarch", "product": { "name": "xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.noarch", "product_id": "xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/xml-security@1.3.0-1.3.patch01.ep1.2.1.el5?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "product": { "name": "jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "product_id": "jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-4.2.0.GA_CP08-bin@4.2.0-5.GA_CP08.5.2.ep1.el5?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "product": { "name": "jbossas-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "product_id": "jbossas-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas@4.2.0-5.GA_CP08.5.2.ep1.el5?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-client-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "product": { "name": "jbossas-client-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "product_id": "jbossas-client-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-client@4.2.0-5.GA_CP08.5.2.ep1.el5?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "glassfish-jsf-0:1.2_13-2.1.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.noarch" }, "product_reference": "glassfish-jsf-0:1.2_13-2.1.ep1.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "glassfish-jsf-0:1.2_13-2.1.ep1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.src" }, "product_reference": "glassfish-jsf-0:1.2_13-2.1.ep1.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch" }, "product_reference": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.src" }, "product_reference": "hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.noarch" }, "product_reference": "hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.src" }, "product_reference": "hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-annotations-javadoc-0:3.3.1-1.11GA_CP02.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:hibernate3-annotations-javadoc-0:3.3.1-1.11GA_CP02.ep1.el5.noarch" }, "product_reference": "hibernate3-annotations-javadoc-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.noarch" }, "product_reference": "hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.src" }, "product_reference": "hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-entitymanager-javadoc-0:3.3.2-2.5.1.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.1.ep1.el5.noarch" }, "product_reference": "hibernate3-entitymanager-javadoc-0:3.3.2-2.5.1.ep1.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch" }, "product_reference": "hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jacorb-0:2.3.0-1jpp.ep1.9.1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.noarch" }, "product_reference": "jacorb-0:2.3.0-1jpp.ep1.9.1.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jacorb-0:2.3.0-1jpp.ep1.9.1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.src" }, "product_reference": "jacorb-0:2.3.0-1jpp.ep1.9.1.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.noarch" }, "product_reference": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.src" }, "product_reference": "jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.noarch" }, "product_reference": "jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.src" }, "product_reference": "jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.src", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-remoting-0:2.2.3-3.SP1.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.noarch" }, "product_reference": "jboss-remoting-0:2.2.3-3.SP1.ep1.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-remoting-0:2.2.3-3.SP1.ep1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.src" }, "product_reference": "jboss-remoting-0:2.2.3-3.SP1.ep1.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-seam-0:1.2.1-1.ep1.14.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.14.el5.noarch" }, "product_reference": "jboss-seam-0:1.2.1-1.ep1.14.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-seam-0:1.2.1-1.ep1.14.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.14.el5.src" }, "product_reference": "jboss-seam-0:1.2.1-1.ep1.14.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-seam-docs-0:1.2.1-1.ep1.14.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jboss-seam-docs-0:1.2.1-1.ep1.14.el5.noarch" }, "product_reference": "jboss-seam-docs-0:1.2.1-1.ep1.14.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch" }, "product_reference": "jbossas-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-0:4.2.0-5.GA_CP08.5.2.ep1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-5.GA_CP08.5.2.ep1.el5.src" }, "product_reference": "jbossas-0:4.2.0-5.GA_CP08.5.2.ep1.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch" }, "product_reference": "jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-client-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jbossas-client-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch" }, "product_reference": "jbossas-client-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.noarch" }, "product_reference": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.src" }, "product_reference": "jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.noarch" }, "product_reference": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.src" }, "product_reference": "jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jcommon-0:1.0.16-1.1.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jcommon-0:1.0.16-1.1.ep1.el5.noarch" }, "product_reference": "jcommon-0:1.0.16-1.1.ep1.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jcommon-0:1.0.16-1.1.ep1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jcommon-0:1.0.16-1.1.ep1.el5.src" }, "product_reference": "jcommon-0:1.0.16-1.1.ep1.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jfreechart-0:1.0.13-2.3.1.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.noarch" }, "product_reference": "jfreechart-0:1.0.13-2.3.1.ep1.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jfreechart-0:1.0.13-2.3.1.ep1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.src" }, "product_reference": "jfreechart-0:1.0.13-2.3.1.ep1.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jgroups-1:2.4.7-1.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jgroups-1:2.4.7-1.ep1.el5.noarch" }, "product_reference": "jgroups-1:2.4.7-1.ep1.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jgroups-1:2.4.7-1.ep1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jgroups-1:2.4.7-1.ep1.el5.src" }, "product_reference": "jgroups-1:2.4.7-1.ep1.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.noarch" }, "product_reference": "quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.src" }, "product_reference": "quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el5.noarch" }, "product_reference": "rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el5.src" }, "product_reference": "rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el5.noarch" }, "product_reference": "rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.noarch" }, "product_reference": "xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.src" }, "product_reference": "xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.2.0" } ] }, "vulnerabilities": [ { "cve": "CVE-2009-0217", "discovery_date": "2009-07-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "511915" } ], "notes": [ { "category": "description", "text": "The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, and 8.1 SP6; (3) Mono before 2.4.2.2; (4) XML Security Library before 1.2.12; (5) IBM WebSphere Application Server Versions 6.0 through 6.0.2.33, 6.1 through 6.1.0.23, and 7.0 through 7.0.0.1; (6) Sun JDK and JRE Update 14 and earlier; (7) Microsoft .NET Framework 3.0 through 3.0 SP2, 3.5, and 4.0; and other products uses a parameter that defines an HMAC truncation length (HMACOutputLength) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits.", "title": "Vulnerability description" }, { "category": "summary", "text": "xml-security-1.3.0-1jpp.ep1.*: XMLDsig HMAC-based signatures spoofing and authentication bypass", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.src", "5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-javadoc-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.src", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.src", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.src", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.noarch", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.src", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.14.el5.noarch", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.14.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-docs-0:1.2.1-1.ep1.14.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-5.GA_CP08.5.2.ep1.el5.src", "5Server-JBEAP-4.2.0:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-client-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.src", "5Server-JBEAP-4.2.0:jcommon-0:1.0.16-1.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jcommon-0:1.0.16-1.1.ep1.el5.src", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.src", "5Server-JBEAP-4.2.0:jgroups-1:2.4.7-1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jgroups-1:2.4.7-1.ep1.el5.src", "5Server-JBEAP-4.2.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.noarch", "5Server-JBEAP-4.2.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.src", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el5.src", "5Server-JBEAP-4.2.0:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.noarch", "5Server-JBEAP-4.2.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-0217" }, { "category": "external", "summary": "RHBZ#511915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=511915" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-0217", "url": "https://www.cve.org/CVERecord?id=CVE-2009-0217" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-0217", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0217" } ], "release_date": "2009-07-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-12-10T00:03:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.src", "5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-javadoc-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.src", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.src", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.src", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.noarch", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.src", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.14.el5.noarch", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.14.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-docs-0:1.2.1-1.ep1.14.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-5.GA_CP08.5.2.ep1.el5.src", "5Server-JBEAP-4.2.0:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-client-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.src", "5Server-JBEAP-4.2.0:jcommon-0:1.0.16-1.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jcommon-0:1.0.16-1.1.ep1.el5.src", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.src", "5Server-JBEAP-4.2.0:jgroups-1:2.4.7-1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jgroups-1:2.4.7-1.ep1.el5.src", "5Server-JBEAP-4.2.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.noarch", "5Server-JBEAP-4.2.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.src", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el5.src", "5Server-JBEAP-4.2.0:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.noarch", "5Server-JBEAP-4.2.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1650" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.src", "5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-javadoc-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.src", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.src", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.src", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.noarch", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.src", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.14.el5.noarch", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.14.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-docs-0:1.2.1-1.ep1.14.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-5.GA_CP08.5.2.ep1.el5.src", "5Server-JBEAP-4.2.0:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-client-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.src", "5Server-JBEAP-4.2.0:jcommon-0:1.0.16-1.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jcommon-0:1.0.16-1.1.ep1.el5.src", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.src", "5Server-JBEAP-4.2.0:jgroups-1:2.4.7-1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jgroups-1:2.4.7-1.ep1.el5.src", "5Server-JBEAP-4.2.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.noarch", "5Server-JBEAP-4.2.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.src", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el5.src", "5Server-JBEAP-4.2.0:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.noarch", "5Server-JBEAP-4.2.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "xml-security-1.3.0-1jpp.ep1.*: XMLDsig HMAC-based signatures spoofing and authentication bypass" }, { "cve": "CVE-2009-1380", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2009-05-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "511224" } ], "notes": [ { "category": "description", "text": "Cross-site scripting (XSS) vulnerability in JMX-Console in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP08 and 4.3 before 4.3.0.CP07 allows remote attackers to inject arbitrary web script or HTML via the filter parameter, related to the key property and the position of quote and colon characters.", "title": "Vulnerability description" }, { "category": "summary", "text": "jbossas JMX-Console cross-site-scripting in filter parameter", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.src", "5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-javadoc-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.src", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.src", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.src", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.noarch", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.src", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.14.el5.noarch", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.14.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-docs-0:1.2.1-1.ep1.14.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-5.GA_CP08.5.2.ep1.el5.src", "5Server-JBEAP-4.2.0:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-client-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.src", "5Server-JBEAP-4.2.0:jcommon-0:1.0.16-1.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jcommon-0:1.0.16-1.1.ep1.el5.src", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.src", "5Server-JBEAP-4.2.0:jgroups-1:2.4.7-1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jgroups-1:2.4.7-1.ep1.el5.src", "5Server-JBEAP-4.2.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.noarch", "5Server-JBEAP-4.2.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.src", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el5.src", "5Server-JBEAP-4.2.0:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.noarch", "5Server-JBEAP-4.2.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-1380" }, { "category": "external", "summary": "RHBZ#511224", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=511224" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-1380", "url": "https://www.cve.org/CVERecord?id=CVE-2009-1380" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1380", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1380" } ], "release_date": "2009-12-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-12-10T00:03:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.src", "5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-javadoc-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.src", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.src", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.src", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.noarch", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.src", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.14.el5.noarch", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.14.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-docs-0:1.2.1-1.ep1.14.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-5.GA_CP08.5.2.ep1.el5.src", "5Server-JBEAP-4.2.0:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-client-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.src", "5Server-JBEAP-4.2.0:jcommon-0:1.0.16-1.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jcommon-0:1.0.16-1.1.ep1.el5.src", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.src", "5Server-JBEAP-4.2.0:jgroups-1:2.4.7-1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jgroups-1:2.4.7-1.ep1.el5.src", "5Server-JBEAP-4.2.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.noarch", "5Server-JBEAP-4.2.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.src", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el5.src", "5Server-JBEAP-4.2.0:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.noarch", "5Server-JBEAP-4.2.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1650" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.src", "5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-javadoc-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.src", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.src", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.src", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.noarch", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.src", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.14.el5.noarch", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.14.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-docs-0:1.2.1-1.ep1.14.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-5.GA_CP08.5.2.ep1.el5.src", "5Server-JBEAP-4.2.0:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-client-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.src", "5Server-JBEAP-4.2.0:jcommon-0:1.0.16-1.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jcommon-0:1.0.16-1.1.ep1.el5.src", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.src", "5Server-JBEAP-4.2.0:jgroups-1:2.4.7-1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jgroups-1:2.4.7-1.ep1.el5.src", "5Server-JBEAP-4.2.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.noarch", "5Server-JBEAP-4.2.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.src", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el5.src", "5Server-JBEAP-4.2.0:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.noarch", "5Server-JBEAP-4.2.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jbossas JMX-Console cross-site-scripting in filter parameter" }, { "cve": "CVE-2009-2405", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2009-07-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "510023" } ], "notes": [ { "category": "description", "text": "Multiple cross-site scripting (XSS) vulnerabilities in the Web Console in the Application Server in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2.0 before 4.2.0.CP08, 4.2.2GA, 4.3 before 4.3.0.CP07, and 5.1.0GA allow remote attackers to inject arbitrary web script or HTML via the (1) monitorName, (2) objectName, (3) attribute, or (4) period parameter to createSnapshot.jsp, or the (5) monitorName, (6) objectName, (7) attribute, (8) threshold, (9) period, or (10) enabled parameter to createThresholdMonitor.jsp. NOTE: some of these details are obtained from third party information.", "title": "Vulnerability description" }, { "category": "summary", "text": "JBoss Application Server Web Console XSS", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw does not affect Red Hat JBoss Enterprise Application Platform 5 or 6. Older versions of the community JBoss Application Server 5.x may be affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.src", "5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-javadoc-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.src", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.src", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.src", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.noarch", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.src", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.14.el5.noarch", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.14.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-docs-0:1.2.1-1.ep1.14.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-5.GA_CP08.5.2.ep1.el5.src", "5Server-JBEAP-4.2.0:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-client-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.src", "5Server-JBEAP-4.2.0:jcommon-0:1.0.16-1.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jcommon-0:1.0.16-1.1.ep1.el5.src", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.src", "5Server-JBEAP-4.2.0:jgroups-1:2.4.7-1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jgroups-1:2.4.7-1.ep1.el5.src", "5Server-JBEAP-4.2.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.noarch", "5Server-JBEAP-4.2.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.src", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el5.src", "5Server-JBEAP-4.2.0:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.noarch", "5Server-JBEAP-4.2.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2405" }, { "category": "external", "summary": "RHBZ#510023", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=510023" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2405", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2405" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2405", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2405" } ], "release_date": "2009-07-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-12-10T00:03:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.src", "5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-javadoc-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.src", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.src", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.src", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.noarch", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.src", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.14.el5.noarch", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.14.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-docs-0:1.2.1-1.ep1.14.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-5.GA_CP08.5.2.ep1.el5.src", "5Server-JBEAP-4.2.0:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-client-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.src", "5Server-JBEAP-4.2.0:jcommon-0:1.0.16-1.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jcommon-0:1.0.16-1.1.ep1.el5.src", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.src", "5Server-JBEAP-4.2.0:jgroups-1:2.4.7-1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jgroups-1:2.4.7-1.ep1.el5.src", "5Server-JBEAP-4.2.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.noarch", "5Server-JBEAP-4.2.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.src", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el5.src", "5Server-JBEAP-4.2.0:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.noarch", "5Server-JBEAP-4.2.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1650" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.src", "5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-javadoc-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.src", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.src", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.src", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.noarch", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.src", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.14.el5.noarch", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.14.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-docs-0:1.2.1-1.ep1.14.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-5.GA_CP08.5.2.ep1.el5.src", "5Server-JBEAP-4.2.0:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-client-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.src", "5Server-JBEAP-4.2.0:jcommon-0:1.0.16-1.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jcommon-0:1.0.16-1.1.ep1.el5.src", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.src", "5Server-JBEAP-4.2.0:jgroups-1:2.4.7-1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jgroups-1:2.4.7-1.ep1.el5.src", "5Server-JBEAP-4.2.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.noarch", "5Server-JBEAP-4.2.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.src", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el5.src", "5Server-JBEAP-4.2.0:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.noarch", "5Server-JBEAP-4.2.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JBoss Application Server Web Console XSS" }, { "cve": "CVE-2009-2625", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512921" } ], "notes": [ { "category": "description", "text": "XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: XML parsing Denial-Of-Service (6845701)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.src", "5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-javadoc-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.src", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.src", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.src", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.noarch", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.src", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.14.el5.noarch", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.14.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-docs-0:1.2.1-1.ep1.14.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-5.GA_CP08.5.2.ep1.el5.src", "5Server-JBEAP-4.2.0:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-client-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.src", "5Server-JBEAP-4.2.0:jcommon-0:1.0.16-1.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jcommon-0:1.0.16-1.1.ep1.el5.src", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.src", "5Server-JBEAP-4.2.0:jgroups-1:2.4.7-1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jgroups-1:2.4.7-1.ep1.el5.src", "5Server-JBEAP-4.2.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.noarch", "5Server-JBEAP-4.2.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.src", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el5.src", "5Server-JBEAP-4.2.0:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.noarch", "5Server-JBEAP-4.2.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2625" }, { "category": "external", "summary": "RHBZ#512921", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512921" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2625", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2625" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2625", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2625" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-12-10T00:03:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.src", "5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-javadoc-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.src", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.src", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.src", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.noarch", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.src", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.14.el5.noarch", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.14.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-docs-0:1.2.1-1.ep1.14.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-5.GA_CP08.5.2.ep1.el5.src", "5Server-JBEAP-4.2.0:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-client-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.src", "5Server-JBEAP-4.2.0:jcommon-0:1.0.16-1.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jcommon-0:1.0.16-1.1.ep1.el5.src", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.src", "5Server-JBEAP-4.2.0:jgroups-1:2.4.7-1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jgroups-1:2.4.7-1.ep1.el5.src", "5Server-JBEAP-4.2.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.noarch", "5Server-JBEAP-4.2.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.src", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el5.src", "5Server-JBEAP-4.2.0:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.noarch", "5Server-JBEAP-4.2.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1650" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.src", "5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-javadoc-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.src", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.src", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.src", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.noarch", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.src", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.14.el5.noarch", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.14.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-docs-0:1.2.1-1.ep1.14.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-5.GA_CP08.5.2.ep1.el5.src", "5Server-JBEAP-4.2.0:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-client-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.src", "5Server-JBEAP-4.2.0:jcommon-0:1.0.16-1.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jcommon-0:1.0.16-1.1.ep1.el5.src", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.src", "5Server-JBEAP-4.2.0:jgroups-1:2.4.7-1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jgroups-1:2.4.7-1.ep1.el5.src", "5Server-JBEAP-4.2.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.noarch", "5Server-JBEAP-4.2.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.src", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el5.src", "5Server-JBEAP-4.2.0:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.noarch", "5Server-JBEAP-4.2.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: XML parsing Denial-Of-Service (6845701)" }, { "cve": "CVE-2009-3554", "discovery_date": "2009-10-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "539495" } ], "notes": [ { "category": "description", "text": "Twiddle in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP08 and 4.3 before 4.3.0.CP07 writes the JMX password, and other command-line arguments, to the twiddle.log file, which allows local users to obtain sensitive information by reading this file.", "title": "Vulnerability description" }, { "category": "summary", "text": "JBoss EAP Twiddle logs the JMX password", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.src", "5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-javadoc-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.src", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.src", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.src", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.noarch", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.src", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.14.el5.noarch", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.14.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-docs-0:1.2.1-1.ep1.14.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-5.GA_CP08.5.2.ep1.el5.src", "5Server-JBEAP-4.2.0:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-client-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.src", "5Server-JBEAP-4.2.0:jcommon-0:1.0.16-1.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jcommon-0:1.0.16-1.1.ep1.el5.src", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.src", "5Server-JBEAP-4.2.0:jgroups-1:2.4.7-1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jgroups-1:2.4.7-1.ep1.el5.src", "5Server-JBEAP-4.2.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.noarch", "5Server-JBEAP-4.2.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.src", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el5.src", "5Server-JBEAP-4.2.0:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.noarch", "5Server-JBEAP-4.2.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-3554" }, { "category": "external", "summary": "RHBZ#539495", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=539495" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3554", "url": "https://www.cve.org/CVERecord?id=CVE-2009-3554" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3554", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3554" } ], "release_date": "2009-10-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-12-10T00:03:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.src", "5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-javadoc-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.src", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.src", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.src", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.noarch", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.src", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.14.el5.noarch", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.14.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-docs-0:1.2.1-1.ep1.14.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-5.GA_CP08.5.2.ep1.el5.src", "5Server-JBEAP-4.2.0:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-client-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.src", "5Server-JBEAP-4.2.0:jcommon-0:1.0.16-1.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jcommon-0:1.0.16-1.1.ep1.el5.src", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.src", "5Server-JBEAP-4.2.0:jgroups-1:2.4.7-1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jgroups-1:2.4.7-1.ep1.el5.src", "5Server-JBEAP-4.2.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.noarch", "5Server-JBEAP-4.2.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.src", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el5.src", "5Server-JBEAP-4.2.0:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.noarch", "5Server-JBEAP-4.2.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1650" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_13-2.1.ep1.el5.src", "5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.11GA_CP02.ep1.el5.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-javadoc-0:3.3.1-1.11GA_CP02.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.5.1.ep1.el5.src", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.5.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP09.0jpp.ep1.2.4.el5.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.9.1.el5.src", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-3.CP04.2.ep1.el5.src", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.noarch", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.3.el5.1.src", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-3.SP1.ep1.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.14.el5.noarch", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.14.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-docs-0:1.2.1-1.ep1.14.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-5.GA_CP08.5.2.ep1.el5.src", "5Server-JBEAP-4.2.0:jbossas-4.2.0.GA_CP08-bin-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-client-0:4.2.0-5.GA_CP08.5.2.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP08.1jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP12.0jpp.ep1.2.el5.src", "5Server-JBEAP-4.2.0:jcommon-0:1.0.16-1.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jcommon-0:1.0.16-1.1.ep1.el5.src", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.13-2.3.1.ep1.el5.src", "5Server-JBEAP-4.2.0:jgroups-1:2.4.7-1.ep1.el5.noarch", "5Server-JBEAP-4.2.0:jgroups-1:2.4.7-1.ep1.el5.src", "5Server-JBEAP-4.2.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.noarch", "5Server-JBEAP-4.2.0:quartz-0:1.5.2-1jpp.patch01.ep1.4.1.el5.src", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-6.GA_CP08.ep1.3.el5.src", "5Server-JBEAP-4.2.0:rh-eap-docs-examples-0:4.2.0-6.GA_CP08.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.noarch", "5Server-JBEAP-4.2.0:xml-security-0:1.3.0-1.3.patch01.ep1.2.1.el5.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JBoss EAP Twiddle logs the JMX password" } ] }
ghsa-8hfm-837h-hjg5
Vulnerability from github
The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in multiple products.
The Apache XML Security (Java) is affected by the vulnerability published in US-Cert VU #466161. See: http://www.kb.cert.org/vuls/id/466161 for more information. This bug can allow an attacker to bypass authentication by inserting/modifying a small HMAC truncation length parameter in the XML Signature HMAC based SignatureMethod algorithms.
An inexhaustive list of additional affected products includes:
1. the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM;
2. the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, and 8.1 SP6;
3. Mono before 2.4.2.2;
4. XML Security Library before 1.2.12;
5. IBM WebSphere Application Server Versions 6.0 through 6.0.2.33, 6.1 through 6.1.0.23, and 7.0 through 7.0.0.1;
6. Sun JDK and JRE Update 14 and earlier;
7. Microsoft .NET Framework 3.0 through 3.0 SP2, 3.5, and 4.0; and other products uses a parameter that defines an HMAC truncation length (HMACOutputLength) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits.
{ "affected": [ { "package": { "ecosystem": "Maven", "name": "org.apache.santuario:xmlsec" }, "ranges": [ { "events": [ { "introduced": "1.4.0" }, { "fixed": "1.4.3" } ], "type": "ECOSYSTEM" } ] } ], "aliases": [ "CVE-2009-0217" ], "database_specific": { "cwe_ids": [], "github_reviewed": true, "github_reviewed_at": "2022-11-08T14:55:27Z", "nvd_published_at": "2009-07-14T23:30:00Z", "severity": "MODERATE" }, "details": "The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in multiple products.\n\nThe Apache XML Security (Java) is affected by the vulnerability published in US-Cert VU #466161. See: http://www.kb.cert.org/vuls/id/466161 for more information. This bug can allow an attacker to bypass authentication by inserting/modifying a small HMAC truncation length parameter in the XML Signature HMAC based SignatureMethod algorithms.\n\nAn inexhaustive list of additional affected products includes: \n1. the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; \n2. the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, and 8.1 SP6; \n3. Mono before 2.4.2.2; \n4. XML Security Library before 1.2.12; \n5. IBM WebSphere Application Server Versions 6.0 through 6.0.2.33, 6.1 through 6.1.0.23, and 7.0 through 7.0.0.1; \n6. Sun JDK and JRE Update 14 and earlier; \n7. Microsoft .NET Framework 3.0 through 3.0 SP2, 3.5, and 4.0; and other products uses a parameter that defines an HMAC truncation length (HMACOutputLength) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits.", "id": "GHSA-8hfm-837h-hjg5", "modified": "2022-11-08T14:55:27Z", "published": "2022-05-02T03:13:38Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0217" }, { "type": "WEB", "url": "https://www.w3.org/QA/2009/07/hmac_truncation_in_xml_signatu.html" }, { "type": "WEB", "url": "https://www.w3.org/2008/06/xmldsigcore-errata.html#e03" }, { "type": "WEB", "url": "https://www.us-cert.gov/cas/techalerts/TA09-294A.html" }, { "type": "WEB", "url": "https://www.ubuntu.com/usn/USN-903-1" }, { "type": "WEB", "url": "https://www.redhat.com/support/errata/RHSA-2009-1694.html" }, { "type": "WEB", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00505.html" }, { "type": "WEB", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00494.html" }, { "type": "WEB", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html" }, { "type": "WEB", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html" }, { "type": "WEB", "url": "https://www.mandriva.com/security/advisories?name=MDVSA-2009:209" }, { "type": "WEB", "url": "https://www.kb.cert.org/vuls/id/WDON-7TY529" }, { "type": "WEB", "url": "https://www.kb.cert.org/vuls/id/MAPG-7TSKXQ" }, { "type": "WEB", "url": "https://www.kb.cert.org/vuls/id/466161" }, { "type": "WEB", "url": "https://www.gentoo.org/security/en/glsa/glsa-201408-19.xml" }, { "type": "WEB", "url": "https://www.debian.org/security/2010/dsa-1995" }, { "type": "WEB", "url": "https://svn.apache.org/viewvc?revision=794013\u0026view=revision" }, { "type": "WEB", "url": "https://rhn.redhat.com/errata/RHSA-2009-1428.html" }, { "type": "WEB", "url": "https://marc.info/?l=bugtraq\u0026m=125787273209737\u0026w=2" }, { "type": "WEB", "url": "https://lists.opensuse.org/opensuse-security-announce/2010-03/msg00005.html" }, { "type": "WEB", "url": "https://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html" }, { "type": "WEB", "url": "https://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html" }, { "type": "WEB", "url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=47527" }, { "type": "WEB", "url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=47526" }, { "type": "WEB", "url": "https://gitlab.gnome.org/Archive/xmlsec/-/commit/34b349675af9f72eb822837a8772cc1ead7115c7" }, { "type": "WEB", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-041" }, { "type": "WEB", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=511915" }, { "type": "WEB", "url": "http://www.us-cert.gov/cas/techalerts/TA10-159B.html" } ], "schema_version": "1.4.0", "severity": [], "summary": "Apache XML Security For Java vulnerable to authentication bypass by HMAC truncation" }
gsd-2009-0217
Vulnerability from gsd
{ "GSD": { "alias": "CVE-2009-0217", "description": "The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, and 8.1 SP6; (3) Mono before 2.4.2.2; (4) XML Security Library before 1.2.12; (5) IBM WebSphere Application Server Versions 6.0 through 6.0.2.33, 6.1 through 6.1.0.23, and 7.0 through 7.0.0.1; (6) Sun JDK and JRE Update 14 and earlier; (7) Microsoft .NET Framework 3.0 through 3.0 SP2, 3.5, and 4.0; and other products uses a parameter that defines an HMAC truncation length (HMACOutputLength) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits.", "id": "GSD-2009-0217", "references": [ "https://www.suse.com/security/cve/CVE-2009-0217.html", "https://www.debian.org/security/2010/dsa-1995", "https://www.debian.org/security/2009/dsa-1849", "https://access.redhat.com/errata/RHSA-2010:0043", "https://access.redhat.com/errata/RHSA-2009:1694", "https://access.redhat.com/errata/RHSA-2009:1650", "https://access.redhat.com/errata/RHSA-2009:1649", "https://access.redhat.com/errata/RHSA-2009:1637", "https://access.redhat.com/errata/RHSA-2009:1636", "https://access.redhat.com/errata/RHSA-2009:1428", "https://access.redhat.com/errata/RHSA-2009:1201", "https://access.redhat.com/errata/RHSA-2009:1200", "https://linux.oracle.com/cve/CVE-2009-0217.html" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2009-0217" ], "details": "The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, and 8.1 SP6; (3) Mono before 2.4.2.2; (4) XML Security Library before 1.2.12; (5) IBM WebSphere Application Server Versions 6.0 through 6.0.2.33, 6.1 through 6.1.0.23, and 7.0 through 7.0.0.1; (6) Sun JDK and JRE Update 14 and earlier; (7) Microsoft .NET Framework 3.0 through 3.0 SP2, 3.5, and 4.0; and other products uses a parameter that defines an HMAC truncation length (HMACOutputLength) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits.", "id": "GSD-2009-0217", "modified": "2023-12-13T01:19:44.491810Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "cert@cert.org", "ID": "CVE-2009-0217", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, and 8.1 SP6; (3) Mono before 2.4.2.2; (4) XML Security Library before 1.2.12; (5) IBM WebSphere Application Server Versions 6.0 through 6.0.2.33, 6.1 through 6.1.0.23, and 7.0 through 7.0.0.1; (6) Sun JDK and JRE Update 14 and earlier; (7) Microsoft .NET Framework 3.0 through 3.0 SP2, 3.5, and 4.0; and other products uses a parameter that defines an HMAC truncation length (HMACOutputLength) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2009:1428", "refsource": "REDHAT", "url": "https://rhn.redhat.com/errata/RHSA-2009-1428.html" }, { "name": "ADV-2009-3122", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/3122" }, { "name": "http://www.openoffice.org/security/cves/CVE-2009-0217.html", "refsource": "CONFIRM", "url": "http://www.openoffice.org/security/cves/CVE-2009-0217.html" }, { "name": "https://issues.apache.org/bugzilla/show_bug.cgi?id=47526", "refsource": "CONFIRM", "url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=47526" }, { "name": "60799", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/60799" }, { "name": "GLSA-201408-19", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml" }, { "name": "PK80596", "refsource": "AIXAPAR", "url": "http://www-01.ibm.com/support/docview.wss?rs=180\u0026context=SSEQTP\u0026dc=D400\u0026uid=swg24023545\u0026loc=en_US\u0026cs=UTF-8\u0026lang=en\u0026rss=ct180websphere" }, { "name": "RHSA-2009:1200", "refsource": "REDHAT", "url": "https://rhn.redhat.com/errata/RHSA-2009-1200.html" }, { "name": "35776", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35776" }, { "name": "36162", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/36162" }, { "name": "36494", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/36494" }, { "name": "ADV-2009-2543", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/2543" }, { "name": "35858", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35858" }, { "name": "38695", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/38695" }, { "name": "269208", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-269208-1" }, { "name": "DSA-1995", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2010/dsa-1995" }, { "name": "HPSBUX02476", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=125787273209737\u0026w=2" }, { "name": "35853", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35853" }, { "name": "RHSA-2009:1637", "refsource": "REDHAT", "url": "https://rhn.redhat.com/errata/RHSA-2009-1637.html" }, { "name": "RHSA-2009:1694", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2009-1694.html" }, { "name": "35852", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35852" }, { "name": "35854", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35854" }, { "name": "34461", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/34461" }, { "name": "http://www.kb.cert.org/vuls/id/WDON-7TY529", "refsource": "CONFIRM", "url": "http://www.kb.cert.org/vuls/id/WDON-7TY529" }, { "name": "http://www.mono-project.com/Vulnerabilities", "refsource": "CONFIRM", "url": "http://www.mono-project.com/Vulnerabilities" }, { "name": "1020710", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020710.1-1" }, { "name": "USN-903-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-903-1" }, { "name": "35671", "refsource": "BID", "url": "http://www.securityfocus.com/bid/35671" }, { "name": "https://issues.apache.org/bugzilla/show_bug.cgi?id=47527", "refsource": "CONFIRM", "url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=47527" }, { "name": "ADV-2010-0366", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/0366" }, { "name": "55907", "refsource": "OSVDB", "url": "http://osvdb.org/55907" }, { "name": "MDVSA-2009:209", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:209" }, { "name": "SUSE-SA:2010:017", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00005.html" }, { "name": "38567", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/38567" }, { "name": "FEDORA-2009-8329", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html" }, { "name": "263429", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-263429-1" }, { "name": "http://blogs.sun.com/security/entry/cert_vulnerability_note_vu_466161", "refsource": "CONFIRM", "url": "http://blogs.sun.com/security/entry/cert_vulnerability_note_vu_466161" }, { "name": "SSRT090250", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=125787273209737\u0026w=2" }, { "name": "ADV-2009-1900", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/1900" }, { "name": "1022561", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1022561" }, { "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html" }, { "name": "37671", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/37671" }, { "name": "VU#466161", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/466161" }, { "name": "1022567", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1022567" }, { "name": "RHSA-2009:1636", "refsource": "REDHAT", "url": "https://rhn.redhat.com/errata/RHSA-2009-1636.html" }, { "name": "PK80627", "refsource": "AIXAPAR", "url": "http://www-01.ibm.com/support/docview.wss?rs=180\u0026context=SSEQTP\u0026dc=D400\u0026uid=swg24023723\u0026loc=en_US\u0026cs=UTF-8\u0026lang=en\u0026rss=ct180websphere" }, { "name": "RHSA-2009:1649", "refsource": "REDHAT", "url": "https://rhn.redhat.com/errata/RHSA-2009-1649.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/cpujul2009-091332.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpujul2009-091332.html" }, { "name": "TA09-294A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA09-294A.html" }, { "name": "ADV-2009-1909", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/1909" }, { "name": "ADV-2010-0635", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/0635" }, { "name": "http://svn.apache.org/viewvc?revision=794013\u0026view=revision", "refsource": "CONFIRM", "url": "http://svn.apache.org/viewvc?revision=794013\u0026view=revision" }, { "name": "38568", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/38568" }, { "name": "36180", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/36180" }, { "name": "FEDORA-2009-8456", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00494.html" }, { "name": "http://www.w3.org/2008/06/xmldsigcore-errata.html#e03", "refsource": "CONFIRM", "url": "http://www.w3.org/2008/06/xmldsigcore-errata.html#e03" }, { "name": "USN-826-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/826-1/" }, { "name": "37841", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/37841" }, { "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html" }, { "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125136-16-1", "refsource": "CONFIRM", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125136-16-1" }, { "name": "35855", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35855" }, { "name": "FEDORA-2009-8473", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00505.html" }, { "name": "36176", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/36176" }, { "name": "oval:org.mitre.oval:def:7158", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7158" }, { "name": "http://www.w3.org/QA/2009/07/hmac_truncation_in_xml_signatu.html", "refsource": "MISC", "url": "http://www.w3.org/QA/2009/07/hmac_truncation_in_xml_signatu.html" }, { "name": "ADV-2009-1908", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/1908" }, { "name": "FEDORA-2009-8337", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html" }, { "name": "http://git.gnome.org/cgit/xmlsec/commit/?id=34b349675af9f72eb822837a8772cc1ead7115c7", "refsource": "CONFIRM", "url": "http://git.gnome.org/cgit/xmlsec/commit/?id=34b349675af9f72eb822837a8772cc1ead7115c7" }, { "name": "http://www-01.ibm.com/support/docview.wss?rs=180\u0026uid=swg21384925", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?rs=180\u0026uid=swg21384925" }, { "name": "41818", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/41818" }, { "name": "1022661", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1022661" }, { "name": "37300", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/37300" }, { "name": "ADV-2009-1911", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/1911" }, { "name": "APPLE-SA-2009-09-03-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html" }, { "name": "SUSE-SA:2009:053", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html" }, { "name": "oval:org.mitre.oval:def:8717", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8717" }, { "name": "RHSA-2009:1201", "refsource": "REDHAT", "url": "https://rhn.redhat.com/errata/RHSA-2009-1201.html" }, { "name": "http://git.gnome.org/cgit/xmlsec/patch/?id=34b349675af9f72eb822837a8772cc1ead7115c7", "refsource": "CONFIRM", "url": "http://git.gnome.org/cgit/xmlsec/patch/?id=34b349675af9f72eb822837a8772cc1ead7115c7" }, { "name": "http://www.kb.cert.org/vuls/id/MAPG-7TSKXQ", "refsource": "CONFIRM", "url": "http://www.kb.cert.org/vuls/id/MAPG-7TSKXQ" }, { "name": "TA10-159B", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA10-159B.html" }, { "name": "oval:org.mitre.oval:def:10186", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10186" }, { "name": "55895", "refsource": "OSVDB", "url": "http://osvdb.org/55895" }, { "name": "http://www.aleksey.com/xmlsec/", "refsource": "CONFIRM", "url": "http://www.aleksey.com/xmlsec/" }, { "name": "MS10-041", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-041" }, { "name": "38921", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/38921" }, { "name": "RHSA-2009:1650", "refsource": "REDHAT", "url": "https://rhn.redhat.com/errata/RHSA-2009-1650.html" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=511915", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=511915" } ] } }, "gitlab.com": { "advisories": [ { "affected_range": "[1.4-alpha0,1.4.2]", "affected_versions": "All versions starting from 1.4-alpha0 up to 1.4.2", "cvss_v2": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "cwe_ids": [ "CWE-1035", "CWE-937" ], "date": "2018-10-12", "description": "This package uses a parameter that defines an HMAC truncation length (`HMACOutputLength`) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits.", "fixed_versions": [ "1.4.3" ], "identifier": "CVE-2009-0217", "identifiers": [ "CVE-2009-0217" ], "not_impacted": "All versions before 1.4-alpha0, all versions after 1.4.2", "package_slug": "maven/org.apache.santuario/xmlsec", "pubdate": "2009-07-14", "solution": "Upgrade to version 1.4.3 or above.", "title": "XML signature HMAC truncation authentication bypass", "urls": [ "http://svn.apache.org/viewvc?view=revision\u0026revision=794013", "https://bugzilla.redhat.com/CVE-2009-0217" ], "uuid": "14840313-e424-49fa-a16a-7510c93c9397" } ] }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:oracle:application_server:10.1.3.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:application_server:10.1.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:bea_product_suite:10.0:mp1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mono_project:mono:2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:weblogic_server_component:10.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:weblogic_server_component:10.0:mp1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.0.2.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.0.2.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.0.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.0.1.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.0.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.0.2.19:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.0.2.21:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.0.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.0.2.29:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.0.2.28:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.0.2.25:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.20:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.22:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.14:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:bea_product_suite:9.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:bea_product_suite:9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mono_project:mono:1.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mono_project:mono:1.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.0.1.15:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.0.1.17:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.0.1.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.0.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.0.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.0.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.0.2.30:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.0.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.19:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.21:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.15:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.18:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:application_server:10.1.4.3im:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:bea_product_suite:10.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mono_project:mono:1.2.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mono_project:mono:1.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:weblogic_server_component:9.2:mp3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:weblogic_server_component:9.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.0.2.14:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.0.2.16:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.0.1.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.0.1.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.0.1.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.0.2.17:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.0.2.15:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.0.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.0.2.33:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.0.2.24:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.0.2.23:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.23:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.17:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:bea_product_suite:9.2:mp3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:bea_product_suite:8.1:sp6:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mono_project:mono:1.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mono_project:mono:1.2.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mono_project:mono:1.2.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:weblogic_server_component:9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:weblogic_server_component:8.1:sp6:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.0.2.18:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.0.2.20:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.0.2.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.0.2.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.0.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.0.2.32:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.0.2.31:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.0.2.22:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.0.2:*:fp17:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.16:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "cert@cert.org", "ID": "CVE-2009-0217" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, and 8.1 SP6; (3) Mono before 2.4.2.2; (4) XML Security Library before 1.2.12; (5) IBM WebSphere Application Server Versions 6.0 through 6.0.2.33, 6.1 through 6.1.0.23, and 7.0 through 7.0.0.1; (6) Sun JDK and JRE Update 14 and earlier; (7) Microsoft .NET Framework 3.0 through 3.0 SP2, 3.5, and 4.0; and other products uses a parameter that defines an HMAC truncation length (HMACOutputLength) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ] } ] }, "references": { "reference_data": [ { "name": "VU#466161", "refsource": "CERT-VN", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/466161" }, { "name": "http://www.w3.org/2008/06/xmldsigcore-errata.html#e03", "refsource": "CONFIRM", "tags": [ "Vendor Advisory" ], "url": "http://www.w3.org/2008/06/xmldsigcore-errata.html#e03" }, { "name": "http://www.w3.org/QA/2009/07/hmac_truncation_in_xml_signatu.html", "refsource": "MISC", "tags": [ "Vendor Advisory" ], "url": "http://www.w3.org/QA/2009/07/hmac_truncation_in_xml_signatu.html" }, { "name": "http://www.aleksey.com/xmlsec/", "refsource": "CONFIRM", "tags": [], "url": "http://www.aleksey.com/xmlsec/" }, { "name": "http://www.mono-project.com/Vulnerabilities", "refsource": "CONFIRM", "tags": [ "Vendor Advisory" ], "url": "http://www.mono-project.com/Vulnerabilities" }, { "name": "ADV-2009-1911", "refsource": "VUPEN", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1911" }, { "name": "https://issues.apache.org/bugzilla/show_bug.cgi?id=47527", "refsource": "CONFIRM", "tags": [], "url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=47527" }, { "name": "http://www-01.ibm.com/support/docview.wss?rs=180\u0026uid=swg21384925", "refsource": "CONFIRM", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www-01.ibm.com/support/docview.wss?rs=180\u0026uid=swg21384925" }, { "name": "1022561", "refsource": "SECTRACK", "tags": [], "url": "http://www.securitytracker.com/id?1022561" }, { "name": "PK80596", "refsource": "AIXAPAR", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www-01.ibm.com/support/docview.wss?rs=180\u0026context=SSEQTP\u0026dc=D400\u0026uid=swg24023545\u0026loc=en_US\u0026cs=UTF-8\u0026lang=en\u0026rss=ct180websphere" }, { "name": "PK80627", "refsource": "AIXAPAR", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www-01.ibm.com/support/docview.wss?rs=180\u0026context=SSEQTP\u0026dc=D400\u0026uid=swg24023723\u0026loc=en_US\u0026cs=UTF-8\u0026lang=en\u0026rss=ct180websphere" }, { "name": "ADV-2009-1908", "refsource": "VUPEN", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1908" }, { "name": "55895", "refsource": "OSVDB", "tags": [], "url": "http://osvdb.org/55895" }, { "name": "35776", "refsource": "SECUNIA", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35776" }, { "name": "ADV-2009-1900", "refsource": "VUPEN", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1900" }, { "name": "55907", "refsource": "OSVDB", "tags": [], "url": "http://osvdb.org/55907" }, { "name": "1022567", "refsource": "SECTRACK", "tags": [], "url": "http://www.securitytracker.com/id?1022567" }, { "name": "35855", "refsource": "SECUNIA", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35855" }, { "name": "35853", "refsource": "SECUNIA", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35853" }, { "name": "35854", "refsource": "SECUNIA", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35854" }, { "name": "35858", "refsource": "SECUNIA", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35858" }, { "name": "http://www.kb.cert.org/vuls/id/MAPG-7TSKXQ", "refsource": "CONFIRM", "tags": [], "url": "http://www.kb.cert.org/vuls/id/MAPG-7TSKXQ" }, { "name": "http://blogs.sun.com/security/entry/cert_vulnerability_note_vu_466161", "refsource": "CONFIRM", "tags": [], "url": "http://blogs.sun.com/security/entry/cert_vulnerability_note_vu_466161" }, { "name": "http://www.kb.cert.org/vuls/id/WDON-7TY529", "refsource": "CONFIRM", "tags": [], "url": "http://www.kb.cert.org/vuls/id/WDON-7TY529" }, { "name": "263429", "refsource": "SUNALERT", "tags": [], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-263429-1" }, { "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125136-16-1", "refsource": "CONFIRM", "tags": [], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125136-16-1" }, { "name": "35671", "refsource": "BID", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/35671" }, { "name": "RHSA-2009:1201", "refsource": "REDHAT", "tags": [], "url": "https://rhn.redhat.com/errata/RHSA-2009-1201.html" }, { "name": "https://issues.apache.org/bugzilla/show_bug.cgi?id=47526", "refsource": "CONFIRM", "tags": [], "url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=47526" }, { "name": "36180", "refsource": "SECUNIA", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/36180" }, { "name": "RHSA-2009:1200", "refsource": "REDHAT", "tags": [], "url": "https://rhn.redhat.com/errata/RHSA-2009-1200.html" }, { "name": "ADV-2009-1909", "refsource": "VUPEN", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1909" }, { "name": "1022661", "refsource": "SECTRACK", "tags": [], "url": "http://www.securitytracker.com/id?1022661" }, { "name": "36162", "refsource": "SECUNIA", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/36162" }, { "name": "35852", "refsource": "SECUNIA", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35852" }, { "name": "36176", "refsource": "SECUNIA", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/36176" }, { "name": "FEDORA-2009-8329", "refsource": "FEDORA", "tags": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html" }, { "name": "FEDORA-2009-8337", "refsource": "FEDORA", "tags": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html" }, { "name": "FEDORA-2009-8456", "refsource": "FEDORA", "tags": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00494.html" }, { "name": "FEDORA-2009-8473", "refsource": "FEDORA", "tags": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00505.html" }, { "name": "MDVSA-2009:209", "refsource": "MANDRIVA", "tags": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:209" }, { "name": "36494", "refsource": "SECUNIA", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/36494" }, { "name": "APPLE-SA-2009-09-03-1", "refsource": "APPLE", "tags": [], "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html" }, { "name": "ADV-2009-2543", "refsource": "VUPEN", "tags": [], "url": "http://www.vupen.com/english/advisories/2009/2543" }, { "name": "TA09-294A", "refsource": "CERT", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-294A.html" }, { "name": "ADV-2009-3122", "refsource": "VUPEN", "tags": [], "url": "http://www.vupen.com/english/advisories/2009/3122" }, { "name": "SUSE-SA:2009:053", "refsource": "SUSE", "tags": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html" }, { "name": "269208", "refsource": "SUNALERT", "tags": [], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-269208-1" }, { "name": "HPSBUX02476", "refsource": "HP", "tags": [], "url": "http://marc.info/?l=bugtraq\u0026m=125787273209737\u0026w=2" }, { "name": "37300", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/37300" }, { "name": "http://git.gnome.org/cgit/xmlsec/commit/?id=34b349675af9f72eb822837a8772cc1ead7115c7", "refsource": "CONFIRM", "tags": [], "url": "http://git.gnome.org/cgit/xmlsec/commit/?id=34b349675af9f72eb822837a8772cc1ead7115c7" }, { "name": "RHSA-2009:1428", "refsource": "REDHAT", "tags": [], "url": "https://rhn.redhat.com/errata/RHSA-2009-1428.html" }, { "name": "http://git.gnome.org/cgit/xmlsec/patch/?id=34b349675af9f72eb822837a8772cc1ead7115c7", "refsource": "CONFIRM", "tags": [], "url": "http://git.gnome.org/cgit/xmlsec/patch/?id=34b349675af9f72eb822837a8772cc1ead7115c7" }, { "name": "http://svn.apache.org/viewvc?revision=794013\u0026view=revision", "refsource": "CONFIRM", "tags": [], "url": "http://svn.apache.org/viewvc?revision=794013\u0026view=revision" }, { "name": "RHSA-2009:1649", "refsource": "REDHAT", "tags": [], "url": "https://rhn.redhat.com/errata/RHSA-2009-1649.html" }, { "name": "RHSA-2009:1637", "refsource": "REDHAT", "tags": [], "url": "https://rhn.redhat.com/errata/RHSA-2009-1637.html" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=511915", "refsource": "CONFIRM", "tags": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=511915" }, { "name": "RHSA-2009:1636", "refsource": "REDHAT", "tags": [], "url": "https://rhn.redhat.com/errata/RHSA-2009-1636.html" }, { "name": "37671", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/37671" }, { "name": "RHSA-2009:1650", "refsource": "REDHAT", "tags": [], "url": "https://rhn.redhat.com/errata/RHSA-2009-1650.html" }, { "name": "37841", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/37841" }, { "name": "RHSA-2009:1694", "refsource": "REDHAT", "tags": [], "url": "http://www.redhat.com/support/errata/RHSA-2009-1694.html" }, { "name": "38567", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/38567" }, { "name": "38568", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/38568" }, { "name": "ADV-2010-0366", "refsource": "VUPEN", "tags": [], "url": "http://www.vupen.com/english/advisories/2010/0366" }, { "name": "DSA-1995", "refsource": "DEBIAN", "tags": [], "url": "http://www.debian.org/security/2010/dsa-1995" }, { "name": "http://www.openoffice.org/security/cves/CVE-2009-0217.html", "refsource": "CONFIRM", "tags": [], "url": "http://www.openoffice.org/security/cves/CVE-2009-0217.html" }, { "name": "38695", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/38695" }, { "name": "USN-903-1", "refsource": "UBUNTU", "tags": [], "url": "http://www.ubuntu.com/usn/USN-903-1" }, { "name": "SUSE-SA:2010:017", "refsource": "SUSE", "tags": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00005.html" }, { "name": "38921", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/38921" }, { "name": "ADV-2010-0635", "refsource": "VUPEN", "tags": [], "url": "http://www.vupen.com/english/advisories/2010/0635" }, { "name": "1020710", "refsource": "SUNALERT", "tags": [], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020710.1-1" }, { "name": "TA10-159B", "refsource": "CERT", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA10-159B.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html", "refsource": "CONFIRM", "tags": [], "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/cpujul2009-091332.html", "refsource": "CONFIRM", "tags": [], "url": "http://www.oracle.com/technetwork/topics/security/cpujul2009-091332.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html", "refsource": "CONFIRM", "tags": [], "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html" }, { "name": "34461", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/34461" }, { "name": "GLSA-201408-19", "refsource": "GENTOO", "tags": [], "url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml" }, { "name": "60799", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/60799" }, { "name": "41818", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/41818" }, { "name": "oval:org.mitre.oval:def:8717", "refsource": "OVAL", "tags": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8717" }, { "name": "oval:org.mitre.oval:def:7158", "refsource": "OVAL", "tags": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7158" }, { "name": "oval:org.mitre.oval:def:10186", "refsource": "OVAL", "tags": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10186" }, { "name": "USN-826-1", "refsource": "UBUNTU", "tags": [], "url": "https://usn.ubuntu.com/826-1/" }, { "name": "MS10-041", "refsource": "MS", "tags": [], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-041" } ] } }, "impact": { "baseMetricV2": { "cvssV2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false } }, "lastModifiedDate": "2018-10-12T21:49Z", "publishedDate": "2009-07-14T23:30Z" } } }
wid-sec-w-2022-1738
Vulnerability from csaf_certbund
Notes
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "IBM InfoSphere Information Server ist eine Softwareplattform zur Integration heterogener Daten.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM InfoSphere Information Server ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.", "title": "Angriff" }, { "category": "general", "text": "- UNIX\n- Linux\n- Windows", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2022-1738 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-1738.json" }, { "category": "self", "summary": "WID-SEC-2022-1738 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1738" }, { "category": "external", "summary": "IBM Security Bulletin 7038982 vom 2023-09-28", "url": "https://www.ibm.com/support/pages/node/7038982" }, { "category": "external", "summary": "IBM Security Bulletin: 6829353 vom 2022-10-16", "url": "https://www.ibm.com/support/pages/node/6829353" }, { "category": "external", "summary": "IBM Security Bulletin: 6829371 vom 2022-10-16", "url": "https://www.ibm.com/support/pages/node/6829371" }, { "category": "external", "summary": "IBM Security Bulletin: 6829373 vom 2022-10-16", "url": "https://www.ibm.com/support/pages/node/6829373" }, { "category": "external", "summary": "IBM Security Bulletin: 6829335 vom 2022-10-16", "url": "https://www.ibm.com/support/pages/node/6829335" }, { "category": "external", "summary": "IBM Security Bulletin: 6829311 vom 2022-10-16", "url": "https://www.ibm.com/support/pages/node/6829311" }, { "category": "external", "summary": "IBM Security Bulletin: 6829369 vom 2022-10-16", "url": "https://www.ibm.com/support/pages/node/6829369" }, { "category": "external", "summary": "IBM Security Bulletin: 6829325 vom 2022-10-16", "url": "https://www.ibm.com/support/pages/node/6829325" }, { "category": "external", "summary": "IBM Security Bulletin: 6829365 vom 2022-10-16", "url": "https://www.ibm.com/support/pages/node/6829365" }, { "category": "external", "summary": "IBM Security Bulletin: 6829361 vom 2022-10-16", "url": "https://www.ibm.com/support/pages/node/6829361" }, { "category": "external", "summary": "IBM Security Bulletin: 6829339 vom 2022-10-16", "url": "https://www.ibm.com/support/pages/node/6829339" }, { "category": "external", "summary": "IBM Security Bulletin: 6829349 vom 2022-10-16", "url": "https://www.ibm.com/support/pages/node/6829349" }, { "category": "external", "summary": "IBM Security Bulletin: 6829363 vom 2022-10-16", "url": "https://www.ibm.com/support/pages/node/6829363" }, { "category": "external", "summary": "IBM Security Bulletin: 6829327 vom 2022-10-16", "url": "https://www.ibm.com/support/pages/node/6829327" }, { "category": "external", "summary": "IBM Security Bulletin 6955819 vom 2023-02-15", "url": "https://www.ibm.com/support/pages/node/6955819" } ], "source_lang": "en-US", "title": "IBM InfoSphere Information Server: Mehrere Schwachstellen", "tracking": { "current_release_date": "2023-09-27T22:00:00.000+00:00", "generator": { "date": "2024-02-15T17:00:50.645+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2022-1738", "initial_release_date": "2022-10-16T22:00:00.000+00:00", "revision_history": [ { "date": "2022-10-16T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2022-11-03T23:00:00.000+00:00", "number": "2", "summary": "CVE erg\u00e4nzt" }, { "date": "2023-02-15T23:00:00.000+00:00", "number": "3", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2023-09-27T22:00:00.000+00:00", "number": "4", "summary": "Neue Updates von IBM aufgenommen" } ], "status": "final", "version": "4" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "IBM InfoSphere Information Server 11.7", "product": { "name": "IBM InfoSphere Information Server 11.7", "product_id": "444803", "product_identification_helper": { "cpe": "cpe:/a:ibm:infosphere_information_server:11.7" } } }, { "category": "product_name", "name": "IBM QRadar SIEM", "product": { "name": "IBM QRadar SIEM", "product_id": "T021415", "product_identification_helper": { "cpe": "cpe:/a:ibm:qradar_siem:-" } } } ], "category": "vendor", "name": "IBM" } ] }, "vulnerabilities": [ { "cve": "CVE-2009-0217", "notes": [ { "category": "description", "text": "In IBM InfoSphere Information Server existieren mehrere Schwachstellen. Diese sind teilweise auf Fehler in Komponenten des Produktes zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "444803", "T021415" ] }, "release_date": "2022-10-16T22:00:00Z", "title": "CVE-2009-0217" }, { "cve": "CVE-2009-2625", "notes": [ { "category": "description", "text": "In IBM InfoSphere Information Server existieren mehrere Schwachstellen. Diese sind teilweise auf Fehler in Komponenten des Produktes zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "444803", "T021415" ] }, "release_date": "2022-10-16T22:00:00Z", "title": "CVE-2009-2625" }, { "cve": "CVE-2012-0881", "notes": [ { "category": "description", "text": "In IBM InfoSphere Information Server existieren mehrere Schwachstellen. Diese sind teilweise auf Fehler in Komponenten des Produktes zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "444803", "T021415" ] }, "release_date": "2022-10-16T22:00:00Z", "title": "CVE-2012-0881" }, { "cve": "CVE-2012-2098", "notes": [ { "category": "description", "text": "In IBM InfoSphere Information Server existieren mehrere Schwachstellen. Diese sind teilweise auf Fehler in Komponenten des Produktes zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "444803", "T021415" ] }, "release_date": "2022-10-16T22:00:00Z", "title": "CVE-2012-2098" }, { "cve": "CVE-2013-2172", "notes": [ { "category": "description", "text": "In IBM InfoSphere Information Server existieren mehrere Schwachstellen. Diese sind teilweise auf Fehler in Komponenten des Produktes zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "444803", "T021415" ] }, "release_date": "2022-10-16T22:00:00Z", "title": "CVE-2013-2172" }, { "cve": "CVE-2013-4002", "notes": [ { "category": "description", "text": "In IBM InfoSphere Information Server existieren mehrere Schwachstellen. Diese sind teilweise auf Fehler in Komponenten des Produktes zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "444803", "T021415" ] }, "release_date": "2022-10-16T22:00:00Z", "title": "CVE-2013-4002" }, { "cve": "CVE-2013-4517", "notes": [ { "category": "description", "text": "In IBM InfoSphere Information Server existieren mehrere Schwachstellen. Diese sind teilweise auf Fehler in Komponenten des Produktes zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "444803", "T021415" ] }, "release_date": "2022-10-16T22:00:00Z", "title": "CVE-2013-4517" }, { "cve": "CVE-2015-4852", "notes": [ { "category": "description", "text": "In IBM InfoSphere Information Server existieren mehrere Schwachstellen. Diese sind teilweise auf Fehler in Komponenten des Produktes zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "444803", "T021415" ] }, "release_date": "2022-10-16T22:00:00Z", "title": "CVE-2015-4852" }, { "cve": "CVE-2015-6420", "notes": [ { "category": "description", "text": "In IBM InfoSphere Information Server existieren mehrere Schwachstellen. Diese sind teilweise auf Fehler in Komponenten des Produktes zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "444803", "T021415" ] }, "release_date": "2022-10-16T22:00:00Z", "title": "CVE-2015-6420" }, { "cve": "CVE-2015-7501", "notes": [ { "category": "description", "text": "In IBM InfoSphere Information Server existieren mehrere Schwachstellen. Diese sind teilweise auf Fehler in Komponenten des Produktes zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "444803", "T021415" ] }, "release_date": "2022-10-16T22:00:00Z", "title": "CVE-2015-7501" }, { "cve": "CVE-2017-15708", "notes": [ { "category": "description", "text": "In IBM InfoSphere Information Server existieren mehrere Schwachstellen. Diese sind teilweise auf Fehler in Komponenten des Produktes zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "444803", "T021415" ] }, "release_date": "2022-10-16T22:00:00Z", "title": "CVE-2017-15708" }, { "cve": "CVE-2019-13116", "notes": [ { "category": "description", "text": "In IBM InfoSphere Information Server existieren mehrere Schwachstellen. Diese sind teilweise auf Fehler in Komponenten des Produktes zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "444803", "T021415" ] }, "release_date": "2022-10-16T22:00:00Z", "title": "CVE-2019-13116" }, { "cve": "CVE-2021-33813", "notes": [ { "category": "description", "text": "In IBM InfoSphere Information Server existieren mehrere Schwachstellen. Diese sind teilweise auf Fehler in Komponenten des Produktes zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "444803", "T021415" ] }, "release_date": "2022-10-16T22:00:00Z", "title": "CVE-2021-33813" }, { "cve": "CVE-2021-36373", "notes": [ { "category": "description", "text": "In IBM InfoSphere Information Server existieren mehrere Schwachstellen. Diese sind teilweise auf Fehler in Komponenten des Produktes zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "444803", "T021415" ] }, "release_date": "2022-10-16T22:00:00Z", "title": "CVE-2021-36373" }, { "cve": "CVE-2021-36374", "notes": [ { "category": "description", "text": "In IBM InfoSphere Information Server existieren mehrere Schwachstellen. Diese sind teilweise auf Fehler in Komponenten des Produktes zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "444803", "T021415" ] }, "release_date": "2022-10-16T22:00:00Z", "title": "CVE-2021-36374" }, { "cve": "CVE-2021-40690", "notes": [ { "category": "description", "text": "In IBM InfoSphere Information Server existieren mehrere Schwachstellen. Diese sind teilweise auf Fehler in Komponenten des Produktes zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "444803", "T021415" ] }, "release_date": "2022-10-16T22:00:00Z", "title": "CVE-2021-40690" }, { "cve": "CVE-2021-41089", "notes": [ { "category": "description", "text": "In IBM InfoSphere Information Server existieren mehrere Schwachstellen. Diese sind teilweise auf Fehler in Komponenten des Produktes zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "444803", "T021415" ] }, "release_date": "2022-10-16T22:00:00Z", "title": "CVE-2021-41089" }, { "cve": "CVE-2021-41091", "notes": [ { "category": "description", "text": "In IBM InfoSphere Information Server existieren mehrere Schwachstellen. Diese sind teilweise auf Fehler in Komponenten des Produktes zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "444803", "T021415" ] }, "release_date": "2022-10-16T22:00:00Z", "title": "CVE-2021-41091" }, { "cve": "CVE-2022-22442", "notes": [ { "category": "description", "text": "In IBM InfoSphere Information Server existieren mehrere Schwachstellen. Diese sind teilweise auf Fehler in Komponenten des Produktes zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "444803", "T021415" ] }, "release_date": "2022-10-16T22:00:00Z", "title": "CVE-2022-22442" }, { "cve": "CVE-2022-23437", "notes": [ { "category": "description", "text": "In IBM InfoSphere Information Server existieren mehrere Schwachstellen. Diese sind teilweise auf Fehler in Komponenten des Produktes zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "444803", "T021415" ] }, "release_date": "2022-10-16T22:00:00Z", "title": "CVE-2022-23437" }, { "cve": "CVE-2022-24769", "notes": [ { "category": "description", "text": "In IBM InfoSphere Information Server existieren mehrere Schwachstellen. Diese sind teilweise auf Fehler in Komponenten des Produktes zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "444803", "T021415" ] }, "release_date": "2022-10-16T22:00:00Z", "title": "CVE-2022-24769" }, { "cve": "CVE-2022-30608", "notes": [ { "category": "description", "text": "In IBM InfoSphere Information Server existieren mehrere Schwachstellen. Diese sind teilweise auf Fehler in Komponenten des Produktes zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "444803", "T021415" ] }, "release_date": "2022-10-16T22:00:00Z", "title": "CVE-2022-30608" }, { "cve": "CVE-2022-30615", "notes": [ { "category": "description", "text": "In IBM InfoSphere Information Server existieren mehrere Schwachstellen. Diese sind teilweise auf Fehler in Komponenten des Produktes zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "444803", "T021415" ] }, "release_date": "2022-10-16T22:00:00Z", "title": "CVE-2022-30615" }, { "cve": "CVE-2022-31129", "notes": [ { "category": "description", "text": "In IBM InfoSphere Information Server existieren mehrere Schwachstellen. Diese sind teilweise auf Fehler in Komponenten des Produktes zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "444803", "T021415" ] }, "release_date": "2022-10-16T22:00:00Z", "title": "CVE-2022-31129" }, { "cve": "CVE-2022-35642", "notes": [ { "category": "description", "text": "In IBM InfoSphere Information Server existieren mehrere Schwachstellen. Diese sind teilweise auf Fehler in Komponenten des Produktes zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "444803", "T021415" ] }, "release_date": "2022-10-16T22:00:00Z", "title": "CVE-2022-35642" }, { "cve": "CVE-2022-35717", "notes": [ { "category": "description", "text": "In IBM InfoSphere Information Server existieren mehrere Schwachstellen. Diese sind teilweise auf Fehler in Komponenten des Produktes zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "444803", "T021415" ] }, "release_date": "2022-10-16T22:00:00Z", "title": "CVE-2022-35717" }, { "cve": "CVE-2022-36109", "notes": [ { "category": "description", "text": "In IBM InfoSphere Information Server existieren mehrere Schwachstellen. Diese sind teilweise auf Fehler in Komponenten des Produktes zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "444803", "T021415" ] }, "release_date": "2022-10-16T22:00:00Z", "title": "CVE-2022-36109" }, { "cve": "CVE-2022-40235", "notes": [ { "category": "description", "text": "In IBM InfoSphere Information Server existieren mehrere Schwachstellen. Diese sind teilweise auf Fehler in Komponenten des Produktes zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "444803", "T021415" ] }, "release_date": "2022-10-16T22:00:00Z", "title": "CVE-2022-40235" }, { "cve": "CVE-2022-40747", "notes": [ { "category": "description", "text": "In IBM InfoSphere Information Server existieren mehrere Schwachstellen. Diese sind teilweise auf Fehler in Komponenten des Produktes zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "444803", "T021415" ] }, "release_date": "2022-10-16T22:00:00Z", "title": "CVE-2022-40747" } ] }
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.