Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2009-3555 (GCVE-0-2009-3555)
Vulnerability from cvelistv5 – Published: 2009-11-09 17:00 – Updated: 2026-05-27 15:38
VLAI
EPSS
Summary
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.
Severity
9.8 (Critical)
CWE
- n/a
Assigner
References
310 references
Date Public
2009-11-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:31:10.430Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "APPLE-SA-2010-05-18-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2010//May/msg00001.html"
},
{
"name": "1023427",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023427"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/css/P8/documents/100081611"
},
{
"name": "62210",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/62210"
},
{
"name": "37640",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37640"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.arubanetworks.com/support/alerts/aid-020810.txt"
},
{
"name": "ADV-2010-0916",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0916"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/css/P8/documents/100114327"
},
{
"name": "RHSA-2010:0167",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0167.html"
},
{
"name": "ADV-2010-2010",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2010"
},
{
"name": "FEDORA-2009-12750",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html"
},
{
"name": "ADV-2010-0086",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0086"
},
{
"name": "ADV-2010-1673",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1673"
},
{
"name": "[tls] 20091104 TLS renegotiation issue",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.ietf.org/mail-archive/web/tls/current/msg03948.html"
},
{
"name": "37656",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37656"
},
{
"name": "RHSA-2010:0865",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0865.html"
},
{
"name": "39628",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39628"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html"
},
{
"name": "42724",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42724"
},
{
"name": "ADV-2009-3310",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3310"
},
{
"name": "ADV-2009-3205",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3205"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during"
},
{
"name": "39461",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39461"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/css/P8/documents/100114315"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.proftpd.org/docs/RELEASE_NOTES-1.3.2c"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ingate.com/Relnote.php?ver=481"
},
{
"name": "1023204",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023204"
},
{
"name": "40866",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40866"
},
{
"name": "HPSBMU02799",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
},
{
"name": "TA10-222A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA10-222A.html"
},
{
"name": "1023211",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023211"
},
{
"name": "SSRT090249",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686"
},
{
"name": "39317",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39317"
},
{
"name": "1023212",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023212"
},
{
"name": "SUSE-SA:2010:061",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html"
},
{
"name": "39127",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39127"
},
{
"name": "40545",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40545"
},
{
"name": "ADV-2010-3069",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/3069"
},
{
"name": "[4.5] 010: SECURITY FIX: November 26, 2009",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD",
"x_transferred"
],
"url": "http://openbsd.org/errata45.html#010_openssl"
},
{
"name": "1023210",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023210"
},
{
"name": "1023270",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023270"
},
{
"name": "40070",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40070"
},
{
"name": "1023273",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023273"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kbase.redhat.com/faq/docs/DOC-20491"
},
{
"name": "USN-927-5",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-927-5"
},
{
"name": "PM12247",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247"
},
{
"name": "SUSE-SU-2011:0847",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html"
},
{
"name": "MDVSA-2010:089",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:089"
},
{
"name": "RHSA-2010:0770",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0770.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openssl.org/news/secadv_20091111.txt"
},
{
"name": "1023275",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023275"
},
{
"name": "DSA-3253",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3253"
},
{
"name": "ADV-2009-3484",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3484"
},
{
"name": "1023207",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023207"
},
{
"name": "37859",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37859"
},
{
"name": "SSRT101846",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
},
{
"name": "1021752",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1"
},
{
"name": "FEDORA-2010-6131",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html"
},
{
"name": "ADV-2010-0848",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0848"
},
{
"name": "[oss-security] 20091107 Re: [TLS] CVE-2009-3555 for TLS renegotiation MITM attacks",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2009/11/07/3"
},
{
"name": "39819",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39819"
},
{
"name": "IC68055",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC68055"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.links.org/?p=786"
},
{
"name": "60521",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/60521"
},
{
"name": "[oss-security] 20091123 Re: CVEs for nginx",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2009/11/23/10"
},
{
"name": "VU#120541",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/120541"
},
{
"name": "1023217",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023217"
},
{
"name": "RHSA-2010:0768",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0768.html"
},
{
"name": "ADV-2009-3353",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3353"
},
{
"name": "FEDORA-2010-5357",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html"
},
{
"name": "39136",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39136"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openoffice.org/security/cves/CVE-2009-3555.html"
},
{
"name": "ADV-2011-0032",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0032"
},
{
"name": "1023148",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1023148"
},
{
"name": "openSUSE-SU-2011:0845",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html"
},
{
"name": "36935",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36935"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.tombom.co.uk/blog/?p=85"
},
{
"name": "SSRT090208",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"name": "ADV-2010-1107",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1107"
},
{
"name": "1023218",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023218"
},
{
"name": "ADV-2010-1350",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1350"
},
{
"name": "RHSA-2010:0338",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0338.html"
},
{
"name": "42379",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42379"
},
{
"name": "FEDORA-2009-12775",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html"
},
{
"name": "20091109 Transport Layer Security Renegotiation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b01d1d.shtml"
},
{
"name": "IC67848",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC67848"
},
{
"name": "1023213",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023213"
},
{
"name": "FEDORA-2010-16240",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html"
},
{
"name": "ADV-2010-1793",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1793"
},
{
"name": "oval:org.mitre.oval:def:11617",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11617"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://extendedsubset.com/?p=8"
},
{
"name": "37292",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37292"
},
{
"name": "SSRT100817",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/522176"
},
{
"name": "tls-renegotiation-weak-security(54158)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54158"
},
{
"name": "APPLE-SA-2010-05-18-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2010//May/msg00002.html"
},
{
"name": "39278",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39278"
},
{
"name": "1023205",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023205"
},
{
"name": "RHSA-2010:0130",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0130.html"
},
{
"name": "HPSBUX02482",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686"
},
{
"name": "HPSBHF03293",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4004"
},
{
"name": "1023215",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023215"
},
{
"name": "USN-1010-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1010-1"
},
{
"name": "1023206",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023206"
},
{
"name": "SUSE-SR:2010:011",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888"
},
{
"name": "GLSA-200912-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200912-01.xml"
},
{
"name": "SSRT090180",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=127419602507642\u0026w=2"
},
{
"name": "ADV-2009-3313",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3313"
},
{
"name": "274990",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1"
},
{
"name": "1023208",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023208"
},
{
"name": "43308",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43308"
},
{
"name": "1023214",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023214"
},
{
"name": "SUSE-SA:2009:057",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html"
},
{
"name": "38781",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38781"
},
{
"name": "HPSBOV02762",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133469267822771\u0026w=2"
},
{
"name": "HPSBMA02534",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=127419602507642\u0026w=2"
},
{
"name": "DSA-1934",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2009/dsa-1934"
},
{
"name": "FEDORA-2009-12782",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html"
},
{
"name": "oval:org.mitre.oval:def:7478",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7478"
},
{
"name": "1023271",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023271"
},
{
"name": "APPLE-SA-2010-01-19-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html"
},
{
"name": "[cryptography] 20091105 OpenSSL 0.9.8l released",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=cryptography\u0026m=125752275331877\u0026w=2"
},
{
"name": "42467",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42467"
},
{
"name": "20091130 TLS / SSLv3 vulnerability explained (New ways to leverage the vulnerability)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/508130/100/0/threaded"
},
{
"name": "oval:org.mitre.oval:def:7315",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7315"
},
{
"name": "1023224",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023224"
},
{
"name": "SUSE-SR:2010:013",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html"
},
{
"name": "USN-927-4",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-927-4"
},
{
"name": "41490",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/41490"
},
{
"name": "20091124 rPSA-2009-0155-1 httpd mod_ssl",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/508075/100/0/threaded"
},
{
"name": "1023243",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023243"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html"
},
{
"name": "37504",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37504"
},
{
"name": "1023219",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023219"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sysoev.ru/nginx/patch.cve-2009-3555.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://xss.cx/examples/plesk-reports/plesk-parallels-controlpanel-psa.v.10.3.1_build1013110726.09%20os_redhat.el6-billing-system-plugin-javascript-injection-example-poc-report.html"
},
{
"name": "1023163",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023163"
},
{
"name": "HPSBHF02706",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132077688910227\u0026w=2"
},
{
"name": "ADV-2009-3521",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3521"
},
{
"name": "oval:org.mitre.oval:def:7973",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7973"
},
{
"name": "HPSBMA02568",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=533125"
},
{
"name": "oval:org.mitre.oval:def:10088",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10088"
},
{
"name": "44183",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/44183"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES"
},
{
"name": "42808",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42808"
},
{
"name": "39500",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39500"
},
{
"name": "oval:org.mitre.oval:def:11578",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11578"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html"
},
{
"name": "ADV-2009-3220",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3220"
},
{
"name": "SSRT100179",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"
},
{
"name": "SSRT100089",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=127557596201693\u0026w=2"
},
{
"name": "RHSA-2010:0165",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0165.html"
},
{
"name": "20101207 VMSA-2010-0019 VMware ESX third party updates for Service Console",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/515055/100/0/threaded"
},
{
"name": "RHSA-2010:0987",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0987.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=545755"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21426108"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blogs.iss.net/archive/sslmitmiscsrf.html"
},
{
"name": "1023411",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023411"
},
{
"name": "RHSA-2010:0339",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0339.html"
},
{
"name": "RHSA-2010:0986",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0986.html"
},
{
"name": "ADV-2009-3164",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3164"
},
{
"name": "37383",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37383"
},
{
"name": "FEDORA-2009-12229",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01029.html"
},
{
"name": "44954",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/44954"
},
{
"name": "[tls] 20091104 MITM attack on delayed TLS-client auth through renegotiation",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.ietf.org/mail-archive/web/tls/current/msg03928.html"
},
{
"name": "HPSBUX02524",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=127557596201693\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/css/P8/documents/100070150"
},
{
"name": "40747",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40747"
},
{
"name": "HPSBUX02498",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=126150535619567\u0026w=2"
},
{
"name": "HPSBMU02759",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/522176"
},
{
"name": "39292",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39292"
},
{
"name": "42816",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42816"
},
{
"name": "IC68054",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC68054"
},
{
"name": "273029",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1"
},
{
"name": "FEDORA-2009-12604",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00645.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21432298"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://extendedsubset.com/Renegotiating_TLS.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24025312"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24006386"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4170"
},
{
"name": "20091118 TLS / SSLv3 vulnerability explained (DRAFT)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/507952/100/0/threaded"
},
{
"name": "1023209",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023209"
},
{
"name": "PM00675",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=PM00675\u0026apar=only"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html"
},
{
"name": "HPSBOV02683",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"name": "48577",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48577"
},
{
"name": "SSA:2009-320-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.597446"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.links.org/?p=789"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.opera.com/docs/changelogs/unix/1060/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html"
},
{
"name": "RHSA-2011:0880",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0880.html"
},
{
"name": "SUSE-SR:2010:008",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html"
},
{
"name": "[oss-security] 20091107 Re: CVE-2009-3555 for TLS renegotiation MITM attacks",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2009/11/06/3"
},
{
"name": "FEDORA-2009-12305",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01020.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0155"
},
{
"name": "SUSE-SR:2010:012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.citrix.com/article/CTX123359"
},
{
"name": "37501",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37501"
},
{
"name": "MDVSA-2010:076",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:076"
},
{
"name": "HPSBUX02517",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=127128920008563\u0026w=2"
},
{
"name": "ADV-2009-3587",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3587"
},
{
"name": "39632",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39632"
},
{
"name": "SSRT090264",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=126150535619567\u0026w=2"
},
{
"name": "38687",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38687"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=526689"
},
{
"name": "MS10-049",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049"
},
{
"name": "ADV-2010-0982",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0982"
},
{
"name": "SSRT100825",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133469267822771\u0026w=2"
},
{
"name": "37399",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37399"
},
{
"name": "USN-927-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-927-1"
},
{
"name": "1023272",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023272"
},
{
"name": "FEDORA-2009-12606",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00944.html"
},
{
"name": "ADV-2010-3126",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/3126"
},
{
"name": "37320",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37320"
},
{
"name": "ADV-2009-3165",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3165"
},
{
"name": "ADV-2010-1639",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1639"
},
{
"name": "38020",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38020"
},
{
"name": "USN-923-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://ubuntu.com/usn/usn-923-1"
},
{
"name": "39243",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39243"
},
{
"name": "oval:org.mitre.oval:def:8366",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8366"
},
{
"name": "37453",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37453"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html"
},
{
"name": "ADV-2010-0933",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0933"
},
{
"name": "SSRT100219",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
},
{
"name": "41972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/41972"
},
{
"name": "ADV-2010-3086",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/3086"
},
{
"name": "DSA-2141",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2011/dsa-2141"
},
{
"name": "1024789",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024789"
},
{
"name": "RHSA-2010:0155",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0155.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html"
},
{
"name": "ADV-2011-0033",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0033"
},
{
"name": "RHSA-2010:0337",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0337.html"
},
{
"name": "1023216",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023216"
},
{
"name": "41480",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/41480"
},
{
"name": "ADV-2011-0086",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0086"
},
{
"name": "41818",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/41818"
},
{
"name": "37604",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37604"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.opera.com/support/search/view/944/"
},
{
"name": "[announce] 20091107 CVE-2009-3555 - apache/mod_ssl vulnerability and mitigation",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=apache-httpd-announce\u0026m=125755783724966\u0026w=2"
},
{
"name": "SUSE-SR:2010:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
},
{
"name": "TA10-287A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA10-287A.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.links.org/?p=780"
},
{
"name": "RHSA-2010:0119",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0119.html"
},
{
"name": "38056",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38056"
},
{
"name": "ADV-2010-0748",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0748"
},
{
"name": "37675",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37675"
},
{
"name": "oval:org.mitre.oval:def:8535",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8535"
},
{
"name": "HPSBMA02547",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"
},
{
"name": "SSRT100058",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=127128920008563\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0019.html"
},
{
"name": "RHSA-2010:0786",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0786.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt"
},
{
"name": "38003",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38003"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4171"
},
{
"name": "1023428",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023428"
},
{
"name": "SSRT100613",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132077688910227\u0026w=2"
},
{
"name": "[oss-security] 20091120 CVEs for nginx",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2009/11/20/1"
},
{
"name": "ADV-2009-3354",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3354"
},
{
"name": "1023274",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023274"
},
{
"name": "FEDORA-2009-12968",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00634.html"
},
{
"name": "39242",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39242"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.bluecoat.com/index?page=content\u0026id=SA50"
},
{
"name": "38241",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38241"
},
{
"name": "42377",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42377"
},
{
"name": "GLSA-201203-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201203-22.xml"
},
{
"name": "[oss-security] 20091105 CVE-2009-3555 for TLS renegotiation MITM attacks",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2009/11/05/3"
},
{
"name": "SUSE-SR:2010:019",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html"
},
{
"name": "60972",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/60972"
},
{
"name": "1023426",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023426"
},
{
"name": "38484",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38484"
},
{
"name": "MDVSA-2010:084",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.betanews.com/article/1257452450"
},
{
"name": "1021653",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2010/mfsa2010-22.html"
},
{
"name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
},
{
"name": "[4.6] 004: SECURITY FIX: November 26, 2009",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD",
"x_transferred"
],
"url": "http://openbsd.org/errata46.html#004_openssl"
},
{
"name": "41967",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/41967"
},
{
"name": "RHSA-2010:0807",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0807.html"
},
{
"name": "ADV-2010-1191",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1191"
},
{
"name": "20091111 Re: SSL/TLS MiTM PoC",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2009/Nov/139"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html"
},
{
"name": "[oss-security] 20091105 Re: CVE-2009-3555 for TLS renegotiation MITM attacks",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2009/11/05/5"
},
{
"name": "39713",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39713"
},
{
"name": "42733",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42733"
},
{
"name": "37291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37291"
},
{
"name": "FEDORA-2010-16312",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html"
},
{
"name": "FEDORA-2010-5942",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html"
},
{
"name": "ADV-2010-2745",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2745"
},
{
"name": "273350",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-273350-1"
},
{
"name": "ADV-2010-0994",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0994"
},
{
"name": "ADV-2010-0173",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0173"
},
{
"name": "ADV-2010-1054",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1054"
},
{
"name": "65202",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/65202"
},
{
"name": "HPSBGN02562",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02436041"
},
{
"name": "FEDORA-2010-16294",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html"
},
{
"name": "[gnutls-devel] 20091105 Re: TLS renegotiation MITM",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.html"
},
{
"name": "20131121 ESA-2013-077: RSA Data Protection Manager Appliance Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://clicky.me/tlsvuln"
},
{
"name": "42811",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42811"
},
{
"name": "[tomcat-dev] 20190319 svn commit: r1855831 [26/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190325 svn commit: r1856174 [26/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200203 svn commit: r1873527 [26/30] - /tomcat/site/trunk/docs/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200213 svn commit: r1873980 [31/34] - /tomcat/site/trunk/docs/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2009-3555",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-27T15:38:52.013476Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-300",
"description": "CWE-300 Channel Accessible by Non-Endpoint",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:38:56.729Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/10579"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-11-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a \"plaintext injection\" attack, aka the \"Project Mogul\" issue."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-13T16:08:08.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "APPLE-SA-2010-05-18-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2010//May/msg00001.html"
},
{
"name": "1023427",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023427"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/css/P8/documents/100081611"
},
{
"name": "62210",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/62210"
},
{
"name": "37640",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37640"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.arubanetworks.com/support/alerts/aid-020810.txt"
},
{
"name": "ADV-2010-0916",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0916"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/css/P8/documents/100114327"
},
{
"name": "RHSA-2010:0167",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0167.html"
},
{
"name": "ADV-2010-2010",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2010"
},
{
"name": "FEDORA-2009-12750",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html"
},
{
"name": "ADV-2010-0086",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0086"
},
{
"name": "ADV-2010-1673",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1673"
},
{
"name": "[tls] 20091104 TLS renegotiation issue",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.ietf.org/mail-archive/web/tls/current/msg03948.html"
},
{
"name": "37656",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37656"
},
{
"name": "RHSA-2010:0865",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0865.html"
},
{
"name": "39628",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39628"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html"
},
{
"name": "42724",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42724"
},
{
"name": "ADV-2009-3310",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3310"
},
{
"name": "ADV-2009-3205",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3205"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during"
},
{
"name": "39461",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39461"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/css/P8/documents/100114315"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.proftpd.org/docs/RELEASE_NOTES-1.3.2c"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ingate.com/Relnote.php?ver=481"
},
{
"name": "1023204",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023204"
},
{
"name": "40866",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40866"
},
{
"name": "HPSBMU02799",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
},
{
"name": "TA10-222A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA10-222A.html"
},
{
"name": "1023211",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023211"
},
{
"name": "SSRT090249",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686"
},
{
"name": "39317",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39317"
},
{
"name": "1023212",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023212"
},
{
"name": "SUSE-SA:2010:061",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html"
},
{
"name": "39127",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39127"
},
{
"name": "40545",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40545"
},
{
"name": "ADV-2010-3069",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/3069"
},
{
"name": "[4.5] 010: SECURITY FIX: November 26, 2009",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD"
],
"url": "http://openbsd.org/errata45.html#010_openssl"
},
{
"name": "1023210",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023210"
},
{
"name": "1023270",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023270"
},
{
"name": "40070",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40070"
},
{
"name": "1023273",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023273"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kbase.redhat.com/faq/docs/DOC-20491"
},
{
"name": "USN-927-5",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-927-5"
},
{
"name": "PM12247",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247"
},
{
"name": "SUSE-SU-2011:0847",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html"
},
{
"name": "MDVSA-2010:089",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:089"
},
{
"name": "RHSA-2010:0770",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0770.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openssl.org/news/secadv_20091111.txt"
},
{
"name": "1023275",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023275"
},
{
"name": "DSA-3253",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3253"
},
{
"name": "ADV-2009-3484",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3484"
},
{
"name": "1023207",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023207"
},
{
"name": "37859",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37859"
},
{
"name": "SSRT101846",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
},
{
"name": "1021752",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1"
},
{
"name": "FEDORA-2010-6131",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html"
},
{
"name": "ADV-2010-0848",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0848"
},
{
"name": "[oss-security] 20091107 Re: [TLS] CVE-2009-3555 for TLS renegotiation MITM attacks",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2009/11/07/3"
},
{
"name": "39819",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39819"
},
{
"name": "IC68055",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC68055"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.links.org/?p=786"
},
{
"name": "60521",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/60521"
},
{
"name": "[oss-security] 20091123 Re: CVEs for nginx",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2009/11/23/10"
},
{
"name": "VU#120541",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/120541"
},
{
"name": "1023217",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023217"
},
{
"name": "RHSA-2010:0768",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0768.html"
},
{
"name": "ADV-2009-3353",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3353"
},
{
"name": "FEDORA-2010-5357",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html"
},
{
"name": "39136",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39136"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openoffice.org/security/cves/CVE-2009-3555.html"
},
{
"name": "ADV-2011-0032",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0032"
},
{
"name": "1023148",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1023148"
},
{
"name": "openSUSE-SU-2011:0845",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html"
},
{
"name": "36935",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36935"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.tombom.co.uk/blog/?p=85"
},
{
"name": "SSRT090208",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"name": "ADV-2010-1107",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1107"
},
{
"name": "1023218",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023218"
},
{
"name": "ADV-2010-1350",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1350"
},
{
"name": "RHSA-2010:0338",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0338.html"
},
{
"name": "42379",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42379"
},
{
"name": "FEDORA-2009-12775",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html"
},
{
"name": "20091109 Transport Layer Security Renegotiation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b01d1d.shtml"
},
{
"name": "IC67848",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC67848"
},
{
"name": "1023213",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023213"
},
{
"name": "FEDORA-2010-16240",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html"
},
{
"name": "ADV-2010-1793",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1793"
},
{
"name": "oval:org.mitre.oval:def:11617",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11617"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://extendedsubset.com/?p=8"
},
{
"name": "37292",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37292"
},
{
"name": "SSRT100817",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/archive/1/522176"
},
{
"name": "tls-renegotiation-weak-security(54158)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54158"
},
{
"name": "APPLE-SA-2010-05-18-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2010//May/msg00002.html"
},
{
"name": "39278",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39278"
},
{
"name": "1023205",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023205"
},
{
"name": "RHSA-2010:0130",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0130.html"
},
{
"name": "HPSBUX02482",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686"
},
{
"name": "HPSBHF03293",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4004"
},
{
"name": "1023215",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023215"
},
{
"name": "USN-1010-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1010-1"
},
{
"name": "1023206",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023206"
},
{
"name": "SUSE-SR:2010:011",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888"
},
{
"name": "GLSA-200912-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200912-01.xml"
},
{
"name": "SSRT090180",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=127419602507642\u0026w=2"
},
{
"name": "ADV-2009-3313",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3313"
},
{
"name": "274990",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1"
},
{
"name": "1023208",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023208"
},
{
"name": "43308",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43308"
},
{
"name": "1023214",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023214"
},
{
"name": "SUSE-SA:2009:057",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html"
},
{
"name": "38781",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38781"
},
{
"name": "HPSBOV02762",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133469267822771\u0026w=2"
},
{
"name": "HPSBMA02534",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=127419602507642\u0026w=2"
},
{
"name": "DSA-1934",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2009/dsa-1934"
},
{
"name": "FEDORA-2009-12782",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html"
},
{
"name": "oval:org.mitre.oval:def:7478",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7478"
},
{
"name": "1023271",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023271"
},
{
"name": "APPLE-SA-2010-01-19-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html"
},
{
"name": "[cryptography] 20091105 OpenSSL 0.9.8l released",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=cryptography\u0026m=125752275331877\u0026w=2"
},
{
"name": "42467",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42467"
},
{
"name": "20091130 TLS / SSLv3 vulnerability explained (New ways to leverage the vulnerability)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/508130/100/0/threaded"
},
{
"name": "oval:org.mitre.oval:def:7315",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7315"
},
{
"name": "1023224",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023224"
},
{
"name": "SUSE-SR:2010:013",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html"
},
{
"name": "USN-927-4",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-927-4"
},
{
"name": "41490",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/41490"
},
{
"name": "20091124 rPSA-2009-0155-1 httpd mod_ssl",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/508075/100/0/threaded"
},
{
"name": "1023243",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023243"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html"
},
{
"name": "37504",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37504"
},
{
"name": "1023219",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023219"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sysoev.ru/nginx/patch.cve-2009-3555.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://xss.cx/examples/plesk-reports/plesk-parallels-controlpanel-psa.v.10.3.1_build1013110726.09%20os_redhat.el6-billing-system-plugin-javascript-injection-example-poc-report.html"
},
{
"name": "1023163",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023163"
},
{
"name": "HPSBHF02706",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132077688910227\u0026w=2"
},
{
"name": "ADV-2009-3521",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3521"
},
{
"name": "oval:org.mitre.oval:def:7973",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7973"
},
{
"name": "HPSBMA02568",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=533125"
},
{
"name": "oval:org.mitre.oval:def:10088",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10088"
},
{
"name": "44183",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/44183"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES"
},
{
"name": "42808",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42808"
},
{
"name": "39500",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39500"
},
{
"name": "oval:org.mitre.oval:def:11578",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11578"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html"
},
{
"name": "ADV-2009-3220",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3220"
},
{
"name": "SSRT100179",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"
},
{
"name": "SSRT100089",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=127557596201693\u0026w=2"
},
{
"name": "RHSA-2010:0165",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0165.html"
},
{
"name": "20101207 VMSA-2010-0019 VMware ESX third party updates for Service Console",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/515055/100/0/threaded"
},
{
"name": "RHSA-2010:0987",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0987.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=545755"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21426108"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blogs.iss.net/archive/sslmitmiscsrf.html"
},
{
"name": "1023411",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023411"
},
{
"name": "RHSA-2010:0339",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0339.html"
},
{
"name": "RHSA-2010:0986",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0986.html"
},
{
"name": "ADV-2009-3164",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3164"
},
{
"name": "37383",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37383"
},
{
"name": "FEDORA-2009-12229",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01029.html"
},
{
"name": "44954",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/44954"
},
{
"name": "[tls] 20091104 MITM attack on delayed TLS-client auth through renegotiation",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.ietf.org/mail-archive/web/tls/current/msg03928.html"
},
{
"name": "HPSBUX02524",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=127557596201693\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/css/P8/documents/100070150"
},
{
"name": "40747",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40747"
},
{
"name": "HPSBUX02498",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=126150535619567\u0026w=2"
},
{
"name": "HPSBMU02759",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/archive/1/522176"
},
{
"name": "39292",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39292"
},
{
"name": "42816",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42816"
},
{
"name": "IC68054",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC68054"
},
{
"name": "273029",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1"
},
{
"name": "FEDORA-2009-12604",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00645.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21432298"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://extendedsubset.com/Renegotiating_TLS.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24025312"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24006386"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4170"
},
{
"name": "20091118 TLS / SSLv3 vulnerability explained (DRAFT)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/507952/100/0/threaded"
},
{
"name": "1023209",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023209"
},
{
"name": "PM00675",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=PM00675\u0026apar=only"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html"
},
{
"name": "HPSBOV02683",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"name": "48577",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48577"
},
{
"name": "SSA:2009-320-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.597446"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.links.org/?p=789"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.opera.com/docs/changelogs/unix/1060/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html"
},
{
"name": "RHSA-2011:0880",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0880.html"
},
{
"name": "SUSE-SR:2010:008",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html"
},
{
"name": "[oss-security] 20091107 Re: CVE-2009-3555 for TLS renegotiation MITM attacks",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2009/11/06/3"
},
{
"name": "FEDORA-2009-12305",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01020.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0155"
},
{
"name": "SUSE-SR:2010:012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.citrix.com/article/CTX123359"
},
{
"name": "37501",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37501"
},
{
"name": "MDVSA-2010:076",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:076"
},
{
"name": "HPSBUX02517",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=127128920008563\u0026w=2"
},
{
"name": "ADV-2009-3587",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3587"
},
{
"name": "39632",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39632"
},
{
"name": "SSRT090264",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=126150535619567\u0026w=2"
},
{
"name": "38687",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38687"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=526689"
},
{
"name": "MS10-049",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049"
},
{
"name": "ADV-2010-0982",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0982"
},
{
"name": "SSRT100825",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133469267822771\u0026w=2"
},
{
"name": "37399",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37399"
},
{
"name": "USN-927-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-927-1"
},
{
"name": "1023272",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023272"
},
{
"name": "FEDORA-2009-12606",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00944.html"
},
{
"name": "ADV-2010-3126",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/3126"
},
{
"name": "37320",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37320"
},
{
"name": "ADV-2009-3165",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3165"
},
{
"name": "ADV-2010-1639",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1639"
},
{
"name": "38020",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38020"
},
{
"name": "USN-923-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://ubuntu.com/usn/usn-923-1"
},
{
"name": "39243",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39243"
},
{
"name": "oval:org.mitre.oval:def:8366",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8366"
},
{
"name": "37453",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37453"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html"
},
{
"name": "ADV-2010-0933",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0933"
},
{
"name": "SSRT100219",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
},
{
"name": "41972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/41972"
},
{
"name": "ADV-2010-3086",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/3086"
},
{
"name": "DSA-2141",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2011/dsa-2141"
},
{
"name": "1024789",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024789"
},
{
"name": "RHSA-2010:0155",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0155.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html"
},
{
"name": "ADV-2011-0033",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0033"
},
{
"name": "RHSA-2010:0337",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0337.html"
},
{
"name": "1023216",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023216"
},
{
"name": "41480",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/41480"
},
{
"name": "ADV-2011-0086",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0086"
},
{
"name": "41818",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/41818"
},
{
"name": "37604",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37604"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.opera.com/support/search/view/944/"
},
{
"name": "[announce] 20091107 CVE-2009-3555 - apache/mod_ssl vulnerability and mitigation",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=apache-httpd-announce\u0026m=125755783724966\u0026w=2"
},
{
"name": "SUSE-SR:2010:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
},
{
"name": "TA10-287A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA10-287A.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.links.org/?p=780"
},
{
"name": "RHSA-2010:0119",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0119.html"
},
{
"name": "38056",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38056"
},
{
"name": "ADV-2010-0748",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0748"
},
{
"name": "37675",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37675"
},
{
"name": "oval:org.mitre.oval:def:8535",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8535"
},
{
"name": "HPSBMA02547",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"
},
{
"name": "SSRT100058",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=127128920008563\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0019.html"
},
{
"name": "RHSA-2010:0786",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0786.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt"
},
{
"name": "38003",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38003"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4171"
},
{
"name": "1023428",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023428"
},
{
"name": "SSRT100613",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132077688910227\u0026w=2"
},
{
"name": "[oss-security] 20091120 CVEs for nginx",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2009/11/20/1"
},
{
"name": "ADV-2009-3354",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3354"
},
{
"name": "1023274",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023274"
},
{
"name": "FEDORA-2009-12968",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00634.html"
},
{
"name": "39242",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39242"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.bluecoat.com/index?page=content\u0026id=SA50"
},
{
"name": "38241",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38241"
},
{
"name": "42377",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42377"
},
{
"name": "GLSA-201203-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201203-22.xml"
},
{
"name": "[oss-security] 20091105 CVE-2009-3555 for TLS renegotiation MITM attacks",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2009/11/05/3"
},
{
"name": "SUSE-SR:2010:019",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html"
},
{
"name": "60972",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/60972"
},
{
"name": "1023426",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023426"
},
{
"name": "38484",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38484"
},
{
"name": "MDVSA-2010:084",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.betanews.com/article/1257452450"
},
{
"name": "1021653",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2010/mfsa2010-22.html"
},
{
"name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
},
{
"name": "[4.6] 004: SECURITY FIX: November 26, 2009",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD"
],
"url": "http://openbsd.org/errata46.html#004_openssl"
},
{
"name": "41967",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/41967"
},
{
"name": "RHSA-2010:0807",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0807.html"
},
{
"name": "ADV-2010-1191",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1191"
},
{
"name": "20091111 Re: SSL/TLS MiTM PoC",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2009/Nov/139"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html"
},
{
"name": "[oss-security] 20091105 Re: CVE-2009-3555 for TLS renegotiation MITM attacks",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2009/11/05/5"
},
{
"name": "39713",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39713"
},
{
"name": "42733",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42733"
},
{
"name": "37291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37291"
},
{
"name": "FEDORA-2010-16312",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html"
},
{
"name": "FEDORA-2010-5942",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html"
},
{
"name": "ADV-2010-2745",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2745"
},
{
"name": "273350",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-273350-1"
},
{
"name": "ADV-2010-0994",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0994"
},
{
"name": "ADV-2010-0173",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0173"
},
{
"name": "ADV-2010-1054",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1054"
},
{
"name": "65202",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/65202"
},
{
"name": "HPSBGN02562",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02436041"
},
{
"name": "FEDORA-2010-16294",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html"
},
{
"name": "[gnutls-devel] 20091105 Re: TLS renegotiation MITM",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.html"
},
{
"name": "20131121 ESA-2013-077: RSA Data Protection Manager Appliance Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://clicky.me/tlsvuln"
},
{
"name": "42811",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42811"
},
{
"name": "[tomcat-dev] 20190319 svn commit: r1855831 [26/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190325 svn commit: r1856174 [26/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200203 svn commit: r1873527 [26/30] - /tomcat/site/trunk/docs/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200213 svn commit: r1873980 [31/34] - /tomcat/site/trunk/docs/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2009-3555",
"datePublished": "2009-11-09T17:00:00.000Z",
"dateReserved": "2009-10-05T00:00:00.000Z",
"dateUpdated": "2026-05-27T15:38:56.729Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2009-3555",
"date": "2026-05-27",
"epss": "0.01971",
"percentile": "0.83789"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2009-3555\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2009-11-09T17:30:00.407\",\"lastModified\":\"2026-05-27T17:16:18.407\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a \\\"plaintext injection\\\" attack, aka the \\\"Project Mogul\\\" issue.\"},{\"lang\":\"es\",\"value\":\"El protocolo TLS y el protocolo SSL v3.0 y posiblemente versiones anteriores, tal y como se usa en Microsoft Internet Information Services (IIS) v7.0, mod_ssl en el servidor HTTP Apache v2.2.14 y anteriores, OpenSSL antes de v0.9.8l, GnuTLS v2.8.5 y anteriores, Mozilla Network Security Services (NSS) v3.12.4 y anteriores, y otros productos, no asocia apropiadamente la renegociaci\u00f3n del Handshake SSL en una conexi\u00f3n existente, lo que permite ataques man-in-the-middle en los que el atacante inserta datos en sesiones HTTPS, y posiblemente otro tipo de sesiones protegidas por SSL o TLS, enviando una petici\u00f3n de autenticaci\u00f3n que es procesada retroactivamente por un servidor en un contexto post-renegociaci\u00f3n. Se trata de un ataque de \\\"inyecci\u00f3n de texto plano\\\", tambi\u00e9n conocido como el problema del \\\"Proyecto Mogul\\\".\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:P\",\"baseScore\":5.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-295\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-300\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.2.14\",\"matchCriteriaId\":\"F1BD8600-0EF7-4612-B5C4-E327C0828479\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.8.5\",\"matchCriteriaId\":\"38090AC3-C511-4C40-91A5-084CBEC11F34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:nss:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.12.4\",\"matchCriteriaId\":\"285433B6-03F9-495E-BACA-AA47A014411C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"0.9.8k\",\"matchCriteriaId\":\"EB35F63F-7856-42EE-87A6-7EC7F10C2032\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0:*:openvms:*:*:*:*:*\",\"matchCriteriaId\":\"718F8E8D-0940-4055-A948-96D25C79323B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"C91D2DBF-6DA7-4BA2-9F29-8BD2725A4701\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4747CC68-FAF4-482F-929A-9DA6C24CB663\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5D026D0-EF78-438D-BEDD-FC8571F3ACEB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2BCB73E-27BB-4878-AD9C-90C4F20C25A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"5D37DF0F-F863-45AC-853A-3E04F9FEC7CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87614B58-24AB-49FB-9C84-E8DDBA16353B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F92AB32-E7DE-43F4-B877-1F41FA162EC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C757774-08E7-40AA-B532-6F705C8F7639\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"036E8A89-7A16-411F-9D31-676313BB7244\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16F59A04-14CF-49E2-9973-645477EA09DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3BB5EDB-520B-4DEF-B06E-65CA13152824\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E44669D7-6C1E-4844-B78A-73E253A7CC17\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2D59BD0-43DE-4E58-A057-640AB98359A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BDE52846-24EC-4068-B788-EC7F915FFF11\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"0.1.0\",\"versionEndIncluding\":\"0.8.22\",\"matchCriteriaId\":\"06B2E3E1-C2E0-4A4E-A84D-93C456E868E7\"}]}]}],\"references\":[{\"url\":\"http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://blogs.iss.net/archive/sslmitmiscsrf.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://clicky.me/tlsvuln\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"http://extendedsubset.com/?p=8\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://extendedsubset.com/Renegotiating_TLS.pdf\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02436041\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://kbase.redhat.com/faq/docs/DOC-20491\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2010//May/msg00001.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2010//May/msg00002.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=apache-httpd-announce\u0026m=125755783724966\u0026w=2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=126150535619567\u0026w=2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=127128920008563\u0026w=2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=127419602507642\u0026w=2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=127557596201693\u0026w=2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=132077688910227\u0026w=2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=133469267822771\u0026w=2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=cryptography\u0026m=125752275331877\u0026w=2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://openbsd.org/errata45.html#010_openssl\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://openbsd.org/errata46.html#004_openssl\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://osvdb.org/60521\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://osvdb.org/60972\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://osvdb.org/62210\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://osvdb.org/65202\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://seclists.org/fulldisclosure/2009/Nov/139\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/37291\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/37292\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/37320\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/37383\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/37399\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/37453\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/37501\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/37504\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/37604\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/37640\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/37656\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/37675\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/37859\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/38003\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/38020\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/38056\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/38241\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/38484\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/38687\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/38781\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/39127\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/39136\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/39242\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/39243\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/39278\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/39292\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/39317\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/39461\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/39500\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/39628\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/39632\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/39713\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/39819\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/40070\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/40545\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/40747\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/40866\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/41480\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/41490\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/41818\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/41967\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/41972\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/42377\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/42379\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/42467\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/42724\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/42733\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/42808\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/42811\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/42816\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/43308\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/44183\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/44954\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/48577\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://security.gentoo.org/glsa/glsa-200912-01.xml\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://security.gentoo.org/glsa/glsa-201203-22.xml\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://security.gentoo.org/glsa/glsa-201406-32.xml\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://securitytracker.com/id?1023148\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.597446\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-26-273350-1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://support.apple.com/kb/HT4004\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT4170\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT4171\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.avaya.com/css/P8/documents/100070150\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.avaya.com/css/P8/documents/100081611\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.avaya.com/css/P8/documents/100114315\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.avaya.com/css/P8/documents/100114327\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.citrix.com/article/CTX123359\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://sysoev.ru/nginx/patch.cve-2009-3555.txt\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://ubuntu.com/usn/usn-923-1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://wiki.rpath.com/Advisories:rPSA-2009-0155\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg1IC67848\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg1IC68054\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg1IC68055\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21426108\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21432298\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg24006386\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg24025312\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-1.ibm.com/support/search.wss?rs=0\u0026q=PM00675\u0026apar=only\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.arubanetworks.com/support/alerts/aid-020810.txt\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.betanews.com/article/1257452450\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.cisco.com/en/US/products/products_security_advisory09186a0080b01d1d.shtml\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2009/dsa-1934\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2011/dsa-2141\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2015/dsa-3253\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ietf.org/mail-archive/web/tls/current/msg03928.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ietf.org/mail-archive/web/tls/current/msg03948.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ingate.com/Relnote.php?ver=481\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/120541\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.links.org/?p=780\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.links.org/?p=786\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.links.org/?p=789\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2010:076\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2010:084\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2010:089\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.mozilla.org/security/announce/2010/mfsa2010-22.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openoffice.org/security/cves/CVE-2009-3555.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openssl.org/news/secadv_20091111.txt\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2009/11/05/3\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2009/11/05/5\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2009/11/06/3\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2009/11/07/3\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2009/11/20/1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2009/11/23/10\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.opera.com/docs/changelogs/unix/1060/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.opera.com/support/search/view/944/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.proftpd.org/docs/RELEASE_NOTES-1.3.2c\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0119.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0130.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0155.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0165.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0167.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0337.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0338.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0339.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0768.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0770.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0786.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0807.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0865.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0986.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0987.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2011-0880.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/507952/100/0/threaded\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/archive/1/508075/100/0/threaded\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/archive/1/508130/100/0/threaded\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/archive/1/515055/100/0/threaded\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/archive/1/516397/100/0/threaded\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/archive/1/522176\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/36935\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Patch\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023163\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023204\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023205\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023206\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023207\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023208\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023209\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023210\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023211\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023212\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023213\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023214\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023215\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023216\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023217\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023218\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023219\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023224\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023243\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023270\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023271\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023272\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023273\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023274\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023275\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023411\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023426\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023427\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023428\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1024789\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.tombom.co.uk/blog/?p=85\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-1010-1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-927-1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-927-4\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-927-5\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA10-222A.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA10-287A.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.vmware.com/security/advisories/VMSA-2010-0019.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vmware.com/security/advisories/VMSA-2011-0003.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/3164\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/3165\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/3205\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/3220\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/3310\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/3313\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/3353\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/3354\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/3484\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/3521\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/3587\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/0086\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/0173\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/0748\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/0848\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/0916\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/0933\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/0982\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/0994\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1054\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1107\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1191\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1350\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1639\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1673\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1793\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/2010\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/2745\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/3069\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/3086\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/3126\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0032\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0033\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0086\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://xss.cx/examples/plesk-reports/plesk-parallels-controlpanel-psa.v.10.3.1_build1013110726.09%20os_redhat.el6-billing-system-plugin-javascript-injection-example-poc-report.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=526689\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=545755\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=533125\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/54158\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://kb.bluecoat.com/index?page=content\u0026id=SA50\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10088\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11578\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11617\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7315\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7478\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7973\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8366\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8535\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00634.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00645.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00944.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01020.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01029.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://blogs.iss.net/archive/sslmitmiscsrf.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://clicky.me/tlsvuln\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"http://extendedsubset.com/?p=8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://extendedsubset.com/Renegotiating_TLS.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02436041\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://kbase.redhat.com/faq/docs/DOC-20491\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2010//May/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2010//May/msg00002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=apache-httpd-announce\u0026m=125755783724966\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=126150535619567\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=127128920008563\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=127419602507642\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=127557596201693\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=132077688910227\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=133469267822771\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=cryptography\u0026m=125752275331877\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://openbsd.org/errata45.html#010_openssl\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://openbsd.org/errata46.html#004_openssl\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://osvdb.org/60521\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://osvdb.org/60972\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://osvdb.org/62210\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://osvdb.org/65202\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://seclists.org/fulldisclosure/2009/Nov/139\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/37291\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/37292\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/37320\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/37383\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/37399\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/37453\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/37501\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/37504\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/37604\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/37640\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/37656\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/37675\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/37859\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/38003\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/38020\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/38056\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/38241\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/38484\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/38687\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/38781\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/39127\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/39136\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/39242\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/39243\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/39278\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/39292\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/39317\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/39461\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/39500\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/39628\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/39632\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/39713\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/39819\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/40070\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/40545\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/40747\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/40866\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/41480\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/41490\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/41818\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/41967\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/41972\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/42377\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/42379\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/42467\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/42724\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/42733\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/42808\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/42811\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/42816\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/43308\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/44183\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/44954\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/48577\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://security.gentoo.org/glsa/glsa-200912-01.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://security.gentoo.org/glsa/glsa-201203-22.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://security.gentoo.org/glsa/glsa-201406-32.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://securitytracker.com/id?1023148\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.597446\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-26-273350-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://support.apple.com/kb/HT4004\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT4170\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT4171\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.avaya.com/css/P8/documents/100070150\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.avaya.com/css/P8/documents/100081611\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.avaya.com/css/P8/documents/100114315\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.avaya.com/css/P8/documents/100114327\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.citrix.com/article/CTX123359\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://sysoev.ru/nginx/patch.cve-2009-3555.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://ubuntu.com/usn/usn-923-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://wiki.rpath.com/Advisories:rPSA-2009-0155\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg1IC67848\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg1IC68054\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg1IC68055\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21426108\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21432298\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg24006386\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg24025312\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-1.ibm.com/support/search.wss?rs=0\u0026q=PM00675\u0026apar=only\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.arubanetworks.com/support/alerts/aid-020810.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.betanews.com/article/1257452450\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.cisco.com/en/US/products/products_security_advisory09186a0080b01d1d.shtml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2009/dsa-1934\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2011/dsa-2141\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2015/dsa-3253\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ietf.org/mail-archive/web/tls/current/msg03928.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ietf.org/mail-archive/web/tls/current/msg03948.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ingate.com/Relnote.php?ver=481\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/120541\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.links.org/?p=780\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.links.org/?p=786\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.links.org/?p=789\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2010:076\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2010:084\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2010:089\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.mozilla.org/security/announce/2010/mfsa2010-22.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openoffice.org/security/cves/CVE-2009-3555.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openssl.org/news/secadv_20091111.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2009/11/05/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2009/11/05/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2009/11/06/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2009/11/07/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2009/11/20/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2009/11/23/10\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.opera.com/docs/changelogs/unix/1060/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.opera.com/support/search/view/944/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.proftpd.org/docs/RELEASE_NOTES-1.3.2c\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0119.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0130.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0155.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0165.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0167.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0337.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0338.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0339.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0768.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0770.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0786.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0807.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0865.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0986.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0987.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2011-0880.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/507952/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/archive/1/508075/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/archive/1/508130/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/archive/1/515055/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/archive/1/516397/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/archive/1/522176\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/36935\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023163\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023204\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023205\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023206\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023207\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023208\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023209\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023210\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023211\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023212\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023213\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023214\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023215\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023216\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023217\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023218\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023219\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023224\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023243\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023270\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023271\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023272\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023273\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023274\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023275\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023411\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023426\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023427\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1023428\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1024789\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.tombom.co.uk/blog/?p=85\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-1010-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-927-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-927-4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-927-5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA10-222A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA10-287A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.vmware.com/security/advisories/VMSA-2010-0019.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vmware.com/security/advisories/VMSA-2011-0003.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/3164\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/3165\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/3205\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/3220\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/3310\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/3313\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/3353\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/3354\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/3484\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/3521\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/3587\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/0086\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/0173\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/0748\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/0848\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/0916\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/0933\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/0982\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/0994\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1054\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1107\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1191\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1350\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1639\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1673\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1793\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/2010\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/2745\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/3069\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/3086\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/3126\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0032\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0033\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0086\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://xss.cx/examples/plesk-reports/plesk-parallels-controlpanel-psa.v.10.3.1_build1013110726.09%20os_redhat.el6-billing-system-plugin-javascript-injection-example-poc-report.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=526689\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=545755\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=533125\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/54158\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://kb.bluecoat.com/index?page=content\u0026id=SA50\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10088\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11578\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11617\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7315\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7478\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7973\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8366\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8535\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00634.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00645.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00944.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01029.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.exploit-db.com/exploits/10579\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\"}],\"vendorComments\":[{\"organization\":\"Red Hat\",\"comment\":\"Red Hat is aware of this issue and is tracking it via the following bug:\\nhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-3555\\n\\nAdditional information can be found in the Red Hat Knowledgebase article:\\nhttp://kbase.redhat.com/faq/docs/DOC-20491\",\"lastModified\":\"2009-11-20T00:00:00\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://lists.apple.com/archives/security-announce/2010//May/msg00001.html\", \"name\": \"APPLE-SA-2010-05-18-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_APPLE\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id?1023427\", \"name\": \"1023427\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"http://support.avaya.com/css/P8/documents/100081611\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://osvdb.org/62210\", \"name\": \"62210\", \"tags\": [\"vdb-entry\", \"x_refsource_OSVDB\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/37640\", \"name\": \"37640\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www.arubanetworks.com/support/alerts/aid-020810.txt\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/0916\", \"name\": \"ADV-2010-0916\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"http://support.avaya.com/css/P8/documents/100114327\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0167.html\", \"name\": \"RHSA-2010:0167\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/2010\", \"name\": \"ADV-2010-2010\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html\", \"name\": \"FEDORA-2009-12750\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/0086\", \"name\": \"ADV-2010-0086\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1673\", \"name\": \"ADV-2010-1673\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"http://www.ietf.org/mail-archive/web/tls/current/msg03948.html\", \"name\": \"[tls] 20091104 TLS renegotiation issue\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/37656\", \"name\": \"37656\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0865.html\", \"name\": \"RHSA-2010:0865\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/39628\", \"name\": \"39628\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/42724\", \"name\": \"42724\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/3310\", \"name\": \"ADV-2009-3310\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/3205\", \"name\": \"ADV-2009-3205\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/39461\", \"name\": \"39461\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://support.avaya.com/css/P8/documents/100114315\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.proftpd.org/docs/RELEASE_NOTES-1.3.2c\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://security.gentoo.org/glsa/glsa-201406-32.xml\", \"name\": \"GLSA-201406-32\", \"tags\": [\"vendor-advisory\", \"x_refsource_GENTOO\", \"x_transferred\"]}, {\"url\": \"http://www.ingate.com/Relnote.php?ver=481\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id?1023204\", \"name\": \"1023204\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/40866\", \"name\": \"40866\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2\", \"name\": \"HPSBMU02799\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA10-222A.html\", \"name\": \"TA10-222A\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id?1023211\", \"name\": \"1023211\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686\", \"name\": \"SSRT090249\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/39317\", \"name\": \"39317\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id?1023212\", \"name\": \"1023212\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html\", \"name\": \"SUSE-SA:2010:061\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/39127\", \"name\": \"39127\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/40545\", \"name\": \"40545\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/3069\", \"name\": \"ADV-2010-3069\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"http://openbsd.org/errata45.html#010_openssl\", \"name\": \"[4.5] 010: SECURITY FIX: November 26, 2009\", \"tags\": [\"vendor-advisory\", \"x_refsource_OPENBSD\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id?1023210\", \"name\": \"1023210\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id?1023270\", \"name\": \"1023270\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/40070\", \"name\": \"40070\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id?1023273\", \"name\": \"1023273\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"http://kbase.redhat.com/faq/docs/DOC-20491\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-927-5\", \"name\": \"USN-927-5\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247\", \"name\": \"PM12247\", \"tags\": [\"vendor-advisory\", \"x_refsource_AIXAPAR\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html\", \"name\": \"SUSE-SU-2011:0847\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2010:089\", \"name\": \"MDVSA-2010:089\", \"tags\": [\"vendor-advisory\", \"x_refsource_MANDRIVA\", \"x_transferred\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0770.html\", \"name\": \"RHSA-2010:0770\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://www.openssl.org/news/secadv_20091111.txt\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id?1023275\", \"name\": \"1023275\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"http://www.debian.org/security/2015/dsa-3253\", \"name\": \"DSA-3253\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/3484\", \"name\": \"ADV-2009-3484\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id?1023207\", \"name\": \"1023207\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/37859\", \"name\": \"37859\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2\", \"name\": \"SSRT101846\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1\", \"name\": \"1021752\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUNALERT\", \"x_transferred\"]}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html\", \"name\": \"FEDORA-2010-6131\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/0848\", \"name\": \"ADV-2010-0848\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2009/11/07/3\", \"name\": \"[oss-security] 20091107 Re: [TLS] CVE-2009-3555 for TLS renegotiation MITM attacks\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/39819\", \"name\": \"39819\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg1IC68055\", \"name\": \"IC68055\", \"tags\": [\"vendor-advisory\", \"x_refsource_AIXAPAR\", \"x_transferred\"]}, {\"url\": \"http://www.links.org/?p=786\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://osvdb.org/60521\", \"name\": \"60521\", \"tags\": [\"vdb-entry\", \"x_refsource_OSVDB\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2009/11/23/10\", \"name\": \"[oss-security] 20091123 Re: CVEs for nginx\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"http://www.kb.cert.org/vuls/id/120541\", \"name\": \"VU#120541\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT-VN\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id?1023217\", \"name\": \"1023217\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0768.html\", \"name\": \"RHSA-2010:0768\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/3353\", \"name\": \"ADV-2009-3353\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html\", \"name\": \"FEDORA-2010-5357\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/39136\", \"name\": \"39136\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www.openoffice.org/security/cves/CVE-2009-3555.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2011/0032\", \"name\": \"ADV-2011-0032\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"http://securitytracker.com/id?1023148\", \"name\": \"1023148\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html\", \"name\": \"openSUSE-SU-2011:0845\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/bid/36935\", \"name\": \"36935\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}, {\"url\": \"http://www.tombom.co.uk/blog/?p=85\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2\", \"name\": \"SSRT090208\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1107\", \"name\": \"ADV-2010-1107\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id?1023218\", \"name\": \"1023218\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1350\", \"name\": \"ADV-2010-1350\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0338.html\", \"name\": \"RHSA-2010:0338\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/42379\", \"name\": \"42379\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html\", \"name\": \"FEDORA-2009-12775\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\", \"x_transferred\"]}, {\"url\": \"http://www.cisco.com/en/US/products/products_security_advisory09186a0080b01d1d.shtml\", \"name\": \"20091109 Transport Layer Security Renegotiation Vulnerability\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\", \"x_transferred\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg1IC67848\", \"name\": \"IC67848\", \"tags\": [\"vendor-advisory\", \"x_refsource_AIXAPAR\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id?1023213\", \"name\": \"1023213\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html\", \"name\": \"FEDORA-2010-16240\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1793\", \"name\": \"ADV-2010-1793\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11617\", \"name\": \"oval:org.mitre.oval:def:11617\", \"tags\": [\"vdb-entry\", \"signature\", \"x_refsource_OVAL\", \"x_transferred\"]}, {\"url\": \"http://extendedsubset.com/?p=8\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/37292\", \"name\": \"37292\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/522176\", \"name\": \"SSRT100817\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/54158\", \"name\": \"tls-renegotiation-weak-security(54158)\", \"tags\": [\"vdb-entry\", \"x_refsource_XF\", \"x_transferred\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2010//May/msg00002.html\", \"name\": \"APPLE-SA-2010-05-18-2\", \"tags\": [\"vendor-advisory\", \"x_refsource_APPLE\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/39278\", \"name\": \"39278\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id?1023205\", \"name\": \"1023205\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0130.html\", \"name\": \"RHSA-2010:0130\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686\", \"name\": \"HPSBUX02482\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2\", \"name\": \"HPSBHF03293\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://support.apple.com/kb/HT4004\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id?1023215\", \"name\": \"1023215\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-1010-1\", \"name\": \"USN-1010-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id?1023206\", \"name\": \"1023206\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html\", \"name\": \"SUSE-SR:2010:011\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://security.gentoo.org/glsa/glsa-200912-01.xml\", \"name\": \"GLSA-200912-01\", \"tags\": [\"vendor-advisory\", \"x_refsource_GENTOO\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=127419602507642\u0026w=2\", \"name\": \"SSRT090180\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/3313\", \"name\": \"ADV-2009-3313\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1\", \"name\": \"274990\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUNALERT\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id?1023208\", \"name\": \"1023208\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/43308\", \"name\": \"43308\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id?1023214\", \"name\": \"1023214\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html\", \"name\": \"SUSE-SA:2009:057\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/38781\", \"name\": \"38781\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=133469267822771\u0026w=2\", \"name\": \"HPSBOV02762\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=127419602507642\u0026w=2\", \"name\": \"HPSBMA02534\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://www.debian.org/security/2009/dsa-1934\", \"name\": \"DSA-1934\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\", \"x_transferred\"]}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html\", \"name\": \"FEDORA-2009-12782\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\", \"x_transferred\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7478\", \"name\": \"oval:org.mitre.oval:def:7478\", \"tags\": [\"vdb-entry\", \"signature\", \"x_refsource_OVAL\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id?1023271\", \"name\": \"1023271\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html\", \"name\": \"APPLE-SA-2010-01-19-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_APPLE\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=cryptography\u0026m=125752275331877\u0026w=2\", \"name\": \"[cryptography] 20091105 OpenSSL 0.9.8l released\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/42467\", \"name\": \"42467\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/508130/100/0/threaded\", \"name\": \"20091130 TLS / SSLv3 vulnerability explained (New ways to leverage the vulnerability)\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\", \"x_transferred\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7315\", \"name\": \"oval:org.mitre.oval:def:7315\", \"tags\": [\"vdb-entry\", \"signature\", \"x_refsource_OVAL\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id?1023224\", \"name\": \"1023224\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html\", \"name\": \"SUSE-SR:2010:013\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-927-4\", \"name\": \"USN-927-4\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/41490\", \"name\": \"41490\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/508075/100/0/threaded\", \"name\": \"20091124 rPSA-2009-0155-1 httpd mod_ssl\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id?1023243\", \"name\": \"1023243\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/37504\", \"name\": \"37504\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id?1023219\", \"name\": \"1023219\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"http://sysoev.ru/nginx/patch.cve-2009-3555.txt\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://xss.cx/examples/plesk-reports/plesk-parallels-controlpanel-psa.v.10.3.1_build1013110726.09%20os_redhat.el6-billing-system-plugin-javascript-injection-example-poc-report.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id?1023163\", \"name\": \"1023163\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=132077688910227\u0026w=2\", \"name\": \"HPSBHF02706\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/3521\", \"name\": \"ADV-2009-3521\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7973\", \"name\": \"oval:org.mitre.oval:def:7973\", \"tags\": [\"vdb-entry\", \"signature\", \"x_refsource_OVAL\", \"x_transferred\"]}, {\"url\": \"http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995\", \"name\": \"HPSBMA02568\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=533125\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10088\", \"name\": \"oval:org.mitre.oval:def:10088\", \"tags\": [\"vdb-entry\", \"signature\", \"x_refsource_OVAL\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/44183\", \"name\": \"44183\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/42808\", \"name\": \"42808\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/39500\", \"name\": \"39500\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11578\", \"name\": \"oval:org.mitre.oval:def:11578\", \"tags\": [\"vdb-entry\", \"signature\", \"x_refsource_OVAL\", \"x_transferred\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/3220\", \"name\": \"ADV-2009-3220\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751\", \"name\": \"SSRT100179\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=127557596201693\u0026w=2\", \"name\": \"SSRT100089\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0165.html\", \"name\": \"RHSA-2010:0165\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/515055/100/0/threaded\", \"name\": \"20101207 VMSA-2010-0019 VMware ESX third party updates for Service Console\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\", \"x_transferred\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0987.html\", \"name\": \"RHSA-2010:0987\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=545755\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21426108\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://blogs.iss.net/archive/sslmitmiscsrf.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id?1023411\", \"name\": \"1023411\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0339.html\", \"name\": \"RHSA-2010:0339\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0986.html\", \"name\": \"RHSA-2010:0986\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/3164\", \"name\": \"ADV-2009-3164\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/37383\", \"name\": \"37383\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01029.html\", \"name\": \"FEDORA-2009-12229\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/44954\", \"name\": \"44954\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www.ietf.org/mail-archive/web/tls/current/msg03928.html\", \"name\": \"[tls] 20091104 MITM attack on delayed TLS-client auth through renegotiation\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=127557596201693\u0026w=2\", \"name\": \"HPSBUX02524\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://support.avaya.com/css/P8/documents/100070150\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/40747\", \"name\": \"40747\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=126150535619567\u0026w=2\", \"name\": \"HPSBUX02498\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/522176\", \"name\": \"HPSBMU02759\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/39292\", \"name\": \"39292\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/42816\", \"name\": \"42816\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg1IC68054\", \"name\": \"IC68054\", \"tags\": [\"vendor-advisory\", \"x_refsource_AIXAPAR\", \"x_transferred\"]}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1\", \"name\": \"273029\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUNALERT\", \"x_transferred\"]}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00645.html\", \"name\": \"FEDORA-2009-12604\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\", \"x_transferred\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21432298\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://extendedsubset.com/Renegotiating_TLS.pdf\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg24025312\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg24006386\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://support.apple.com/kb/HT4170\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/507952/100/0/threaded\", \"name\": \"20091118 TLS / SSLv3 vulnerability explained (DRAFT)\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id?1023209\", \"name\": \"1023209\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"http://www-1.ibm.com/support/search.wss?rs=0\u0026q=PM00675\u0026apar=only\", \"name\": \"PM00675\", \"tags\": [\"vendor-advisory\", \"x_refsource_AIXAPAR\", \"x_transferred\"]}, {\"url\": \"http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2\", \"name\": \"HPSBOV02683\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/48577\", \"name\": \"48577\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.597446\", \"name\": \"SSA:2009-320-01\", \"tags\": [\"vendor-advisory\", \"x_refsource_SLACKWARE\", \"x_transferred\"]}, {\"url\": \"http://www.links.org/?p=789\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://www.opera.com/docs/changelogs/unix/1060/\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2011-0880.html\", \"name\": \"RHSA-2011:0880\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html\", \"name\": \"SUSE-SR:2010:008\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2009/11/06/3\", \"name\": \"[oss-security] 20091107 Re: CVE-2009-3555 for TLS renegotiation MITM attacks\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01020.html\", \"name\": \"FEDORA-2009-12305\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\", \"x_transferred\"]}, {\"url\": \"http://wiki.rpath.com/Advisories:rPSA-2009-0155\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html\", \"name\": \"SUSE-SR:2010:012\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://support.citrix.com/article/CTX123359\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/37501\", \"name\": \"37501\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2010:076\", \"name\": \"MDVSA-2010:076\", \"tags\": [\"vendor-advisory\", \"x_refsource_MANDRIVA\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=127128920008563\u0026w=2\", \"name\": \"HPSBUX02517\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/3587\", \"name\": \"ADV-2009-3587\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/39632\", \"name\": \"39632\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=126150535619567\u0026w=2\", \"name\": \"SSRT090264\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/38687\", \"name\": \"38687\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=526689\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049\", \"name\": \"MS10-049\", \"tags\": [\"vendor-advisory\", \"x_refsource_MS\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/0982\", \"name\": \"ADV-2010-0982\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=133469267822771\u0026w=2\", \"name\": \"SSRT100825\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/37399\", \"name\": \"37399\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-927-1\", \"name\": \"USN-927-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id?1023272\", \"name\": \"1023272\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00944.html\", \"name\": \"FEDORA-2009-12606\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/3126\", \"name\": \"ADV-2010-3126\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/37320\", \"name\": \"37320\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/3165\", \"name\": \"ADV-2009-3165\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1639\", \"name\": \"ADV-2010-1639\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/38020\", \"name\": \"38020\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://ubuntu.com/usn/usn-923-1\", \"name\": \"USN-923-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/39243\", \"name\": \"39243\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8366\", \"name\": \"oval:org.mitre.oval:def:8366\", \"tags\": [\"vdb-entry\", \"signature\", \"x_refsource_OVAL\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/37453\", \"name\": \"37453\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/0933\", \"name\": \"ADV-2010-0933\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995\", \"name\": \"SSRT100219\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://www.vmware.com/security/advisories/VMSA-2011-0003.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/41972\", \"name\": \"41972\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/3086\", \"name\": \"ADV-2010-3086\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"http://www.debian.org/security/2011/dsa-2141\", \"name\": \"DSA-2141\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id?1024789\", \"name\": \"1024789\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0155.html\", \"name\": \"RHSA-2010:0155\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2011/0033\", \"name\": \"ADV-2011-0033\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0337.html\", \"name\": \"RHSA-2010:0337\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id?1023216\", \"name\": \"1023216\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/41480\", \"name\": \"41480\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2011/0086\", \"name\": \"ADV-2011-0086\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/41818\", \"name\": \"41818\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/37604\", \"name\": \"37604\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www.opera.com/support/search/view/944/\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=apache-httpd-announce\u0026m=125755783724966\u0026w=2\", \"name\": \"[announce] 20091107 CVE-2009-3555 - apache/mod_ssl vulnerability and mitigation\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html\", \"name\": \"SUSE-SR:2010:024\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA10-287A.html\", \"name\": \"TA10-287A\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT\", \"x_transferred\"]}, {\"url\": \"http://www.links.org/?p=780\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0119.html\", \"name\": \"RHSA-2010:0119\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/38056\", \"name\": \"38056\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/0748\", \"name\": \"ADV-2010-0748\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/37675\", \"name\": \"37675\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8535\", \"name\": \"oval:org.mitre.oval:def:8535\", \"tags\": [\"vdb-entry\", \"signature\", \"x_refsource_OVAL\", \"x_transferred\"]}, {\"url\": \"http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751\", \"name\": \"HPSBMA02547\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=127128920008563\u0026w=2\", \"name\": \"SSRT100058\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://www.vmware.com/security/advisories/VMSA-2010-0019.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0786.html\", \"name\": \"RHSA-2010:0786\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/38003\", \"name\": \"38003\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://support.apple.com/kb/HT4171\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id?1023428\", \"name\": \"1023428\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=132077688910227\u0026w=2\", \"name\": \"SSRT100613\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2009/11/20/1\", \"name\": \"[oss-security] 20091120 CVEs for nginx\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/3354\", \"name\": \"ADV-2009-3354\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id?1023274\", \"name\": \"1023274\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00634.html\", \"name\": \"FEDORA-2009-12968\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/39242\", \"name\": \"39242\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"https://kb.bluecoat.com/index?page=content\u0026id=SA50\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/38241\", \"name\": \"38241\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/42377\", \"name\": \"42377\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://security.gentoo.org/glsa/glsa-201203-22.xml\", \"name\": \"GLSA-201203-22\", \"tags\": [\"vendor-advisory\", \"x_refsource_GENTOO\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2009/11/05/3\", \"name\": \"[oss-security] 20091105 CVE-2009-3555 for TLS renegotiation MITM attacks\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html\", \"name\": \"SUSE-SR:2010:019\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://osvdb.org/60972\", \"name\": \"60972\", \"tags\": [\"vdb-entry\", \"x_refsource_OSVDB\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id?1023426\", \"name\": \"1023426\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/38484\", \"name\": \"38484\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2010:084\", \"name\": \"MDVSA-2010:084\", \"tags\": [\"vendor-advisory\", \"x_refsource_MANDRIVA\", \"x_transferred\"]}, {\"url\": \"http://www.betanews.com/article/1257452450\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1\", \"name\": \"1021653\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUNALERT\", \"x_transferred\"]}, {\"url\": \"http://www.mozilla.org/security/announce/2010/mfsa2010-22.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/516397/100/0/threaded\", \"name\": \"20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\", \"x_transferred\"]}, {\"url\": \"http://openbsd.org/errata46.html#004_openssl\", \"name\": \"[4.6] 004: SECURITY FIX: November 26, 2009\", \"tags\": [\"vendor-advisory\", \"x_refsource_OPENBSD\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/41967\", \"name\": \"41967\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0807.html\", \"name\": \"RHSA-2010:0807\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1191\", \"name\": \"ADV-2010-1191\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2009/Nov/139\", \"name\": \"20091111 Re: SSL/TLS MiTM PoC\", \"tags\": [\"mailing-list\", \"x_refsource_FULLDISC\", \"x_transferred\"]}, {\"url\": \"https://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2009/11/05/5\", \"name\": \"[oss-security] 20091105 Re: CVE-2009-3555 for TLS renegotiation MITM attacks\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/39713\", \"name\": \"39713\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/42733\", \"name\": \"42733\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/37291\", \"name\": \"37291\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html\", \"name\": \"FEDORA-2010-16312\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\", \"x_transferred\"]}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html\", \"name\": \"FEDORA-2010-5942\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/2745\", \"name\": \"ADV-2010-2745\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-26-273350-1\", \"name\": \"273350\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUNALERT\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/0994\", \"name\": \"ADV-2010-0994\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/0173\", \"name\": \"ADV-2010-0173\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1054\", \"name\": \"ADV-2010-1054\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"http://osvdb.org/65202\", \"name\": \"65202\", \"tags\": [\"vdb-entry\", \"x_refsource_OSVDB\", \"x_transferred\"]}, {\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02436041\", \"name\": \"HPSBGN02562\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html\", \"name\": \"FEDORA-2010-16294\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\", \"x_transferred\"]}, {\"url\": \"http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.html\", \"name\": \"[gnutls-devel] 20091105 Re: TLS renegotiation MITM\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html\", \"name\": \"20131121 ESA-2013-077: RSA Data Protection Manager Appliance Multiple Vulnerabilities\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\", \"x_transferred\"]}, {\"url\": \"http://clicky.me/tlsvuln\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/42811\", \"name\": \"42811\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20190319 svn commit: r1855831 [26/30] - in /tomcat/site/trunk: ./ docs/ xdocs/\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20190325 svn commit: r1856174 [26/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20200203 svn commit: r1873527 [26/30] - /tomcat/site/trunk/docs/\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20200213 svn commit: r1873980 [31/34] - /tomcat/site/trunk/docs/\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-07T06:31:10.430Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2009-3555\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-05-27T15:38:52.013476Z\"}}}], \"references\": [{\"url\": \"https://www.exploit-db.com/exploits/10579\", \"tags\": [\"exploit\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-300\", \"description\": \"CWE-300 Channel Accessible by Non-Endpoint\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-05-27T15:37:41.047Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"datePublic\": \"2009-11-04T00:00:00.000Z\", \"references\": [{\"url\": \"http://lists.apple.com/archives/security-announce/2010//May/msg00001.html\", \"name\": \"APPLE-SA-2010-05-18-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_APPLE\"]}, {\"url\": \"http://www.securitytracker.com/id?1023427\", \"name\": \"1023427\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"http://support.avaya.com/css/P8/documents/100081611\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://osvdb.org/62210\", \"name\": \"62210\", \"tags\": [\"vdb-entry\", \"x_refsource_OSVDB\"]}, {\"url\": \"http://secunia.com/advisories/37640\", \"name\": \"37640\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www.arubanetworks.com/support/alerts/aid-020810.txt\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/0916\", \"name\": \"ADV-2010-0916\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"http://support.avaya.com/css/P8/documents/100114327\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0167.html\", \"name\": \"RHSA-2010:0167\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/2010\", \"name\": \"ADV-2010-2010\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html\", \"name\": \"FEDORA-2009-12750\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/0086\", \"name\": \"ADV-2010-0086\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1673\", \"name\": \"ADV-2010-1673\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"http://www.ietf.org/mail-archive/web/tls/current/msg03948.html\", \"name\": \"[tls] 20091104 TLS renegotiation issue\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"http://secunia.com/advisories/37656\", \"name\": \"37656\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0865.html\", \"name\": \"RHSA-2010:0865\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://secunia.com/advisories/39628\", \"name\": \"39628\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://secunia.com/advisories/42724\", \"name\": \"42724\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/3310\", \"name\": \"ADV-2009-3310\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/3205\", \"name\": \"ADV-2009-3205\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://secunia.com/advisories/39461\", \"name\": \"39461\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://support.avaya.com/css/P8/documents/100114315\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.proftpd.org/docs/RELEASE_NOTES-1.3.2c\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://security.gentoo.org/glsa/glsa-201406-32.xml\", \"name\": \"GLSA-201406-32\", \"tags\": [\"vendor-advisory\", \"x_refsource_GENTOO\"]}, {\"url\": \"http://www.ingate.com/Relnote.php?ver=481\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.securitytracker.com/id?1023204\", \"name\": \"1023204\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"http://secunia.com/advisories/40866\", \"name\": \"40866\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2\", \"name\": \"HPSBMU02799\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA10-222A.html\", \"name\": \"TA10-222A\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT\"]}, {\"url\": \"http://www.securitytracker.com/id?1023211\", \"name\": \"1023211\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686\", \"name\": \"SSRT090249\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://secunia.com/advisories/39317\", \"name\": \"39317\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www.securitytracker.com/id?1023212\", \"name\": \"1023212\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html\", \"name\": \"SUSE-SA:2010:061\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://secunia.com/advisories/39127\", \"name\": \"39127\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://secunia.com/advisories/40545\", \"name\": \"40545\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/3069\", \"name\": \"ADV-2010-3069\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"http://openbsd.org/errata45.html#010_openssl\", \"name\": \"[4.5] 010: SECURITY FIX: November 26, 2009\", \"tags\": [\"vendor-advisory\", \"x_refsource_OPENBSD\"]}, {\"url\": \"http://www.securitytracker.com/id?1023210\", \"name\": \"1023210\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"http://www.securitytracker.com/id?1023270\", \"name\": \"1023270\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"http://secunia.com/advisories/40070\", \"name\": \"40070\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www.securitytracker.com/id?1023273\", \"name\": \"1023273\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"http://kbase.redhat.com/faq/docs/DOC-20491\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-927-5\", \"name\": \"USN-927-5\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247\", \"name\": \"PM12247\", \"tags\": [\"vendor-advisory\", \"x_refsource_AIXAPAR\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html\", \"name\": \"SUSE-SU-2011:0847\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2010:089\", \"name\": \"MDVSA-2010:089\", \"tags\": [\"vendor-advisory\", \"x_refsource_MANDRIVA\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0770.html\", \"name\": \"RHSA-2010:0770\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://www.openssl.org/news/secadv_20091111.txt\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.securitytracker.com/id?1023275\", \"name\": \"1023275\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"http://www.debian.org/security/2015/dsa-3253\", \"name\": \"DSA-3253\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/3484\", \"name\": \"ADV-2009-3484\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"http://www.securitytracker.com/id?1023207\", \"name\": \"1023207\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"http://secunia.com/advisories/37859\", \"name\": \"37859\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2\", \"name\": \"SSRT101846\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1\", \"name\": \"1021752\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUNALERT\"]}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html\", \"name\": \"FEDORA-2010-6131\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/0848\", \"name\": \"ADV-2010-0848\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2009/11/07/3\", \"name\": \"[oss-security] 20091107 Re: [TLS] CVE-2009-3555 for TLS renegotiation MITM attacks\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"http://secunia.com/advisories/39819\", \"name\": \"39819\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg1IC68055\", \"name\": \"IC68055\", \"tags\": [\"vendor-advisory\", \"x_refsource_AIXAPAR\"]}, {\"url\": \"http://www.links.org/?p=786\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://osvdb.org/60521\", \"name\": \"60521\", \"tags\": [\"vdb-entry\", \"x_refsource_OSVDB\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2009/11/23/10\", \"name\": \"[oss-security] 20091123 Re: CVEs for nginx\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"http://www.kb.cert.org/vuls/id/120541\", \"name\": \"VU#120541\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT-VN\"]}, {\"url\": \"http://www.securitytracker.com/id?1023217\", \"name\": \"1023217\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0768.html\", \"name\": \"RHSA-2010:0768\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/3353\", \"name\": \"ADV-2009-3353\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html\", \"name\": \"FEDORA-2010-5357\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\"]}, {\"url\": \"http://secunia.com/advisories/39136\", \"name\": \"39136\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www.openoffice.org/security/cves/CVE-2009-3555.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2011/0032\", \"name\": \"ADV-2011-0032\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"http://securitytracker.com/id?1023148\", \"name\": \"1023148\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html\", \"name\": \"openSUSE-SU-2011:0845\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://www.securityfocus.com/bid/36935\", \"name\": \"36935\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}, {\"url\": \"http://www.tombom.co.uk/blog/?p=85\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2\", \"name\": \"SSRT090208\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1107\", \"name\": \"ADV-2010-1107\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"http://www.securitytracker.com/id?1023218\", \"name\": \"1023218\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1350\", \"name\": \"ADV-2010-1350\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0338.html\", \"name\": \"RHSA-2010:0338\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://secunia.com/advisories/42379\", \"name\": \"42379\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html\", \"name\": \"FEDORA-2009-12775\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\"]}, {\"url\": \"http://www.cisco.com/en/US/products/products_security_advisory09186a0080b01d1d.shtml\", \"name\": \"20091109 Transport Layer Security Renegotiation Vulnerability\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg1IC67848\", \"name\": \"IC67848\", \"tags\": [\"vendor-advisory\", \"x_refsource_AIXAPAR\"]}, {\"url\": \"http://www.securitytracker.com/id?1023213\", \"name\": \"1023213\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html\", \"name\": \"FEDORA-2010-16240\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1793\", \"name\": \"ADV-2010-1793\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11617\", \"name\": \"oval:org.mitre.oval:def:11617\", \"tags\": [\"vdb-entry\", \"signature\", \"x_refsource_OVAL\"]}, {\"url\": \"http://extendedsubset.com/?p=8\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://secunia.com/advisories/37292\", \"name\": \"37292\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/522176\", \"name\": \"SSRT100817\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/54158\", \"name\": \"tls-renegotiation-weak-security(54158)\", \"tags\": [\"vdb-entry\", \"x_refsource_XF\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2010//May/msg00002.html\", \"name\": \"APPLE-SA-2010-05-18-2\", \"tags\": [\"vendor-advisory\", \"x_refsource_APPLE\"]}, {\"url\": \"http://secunia.com/advisories/39278\", \"name\": \"39278\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www.securitytracker.com/id?1023205\", \"name\": \"1023205\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0130.html\", \"name\": \"RHSA-2010:0130\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686\", \"name\": \"HPSBUX02482\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2\", \"name\": \"HPSBHF03293\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://support.apple.com/kb/HT4004\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.securitytracker.com/id?1023215\", \"name\": \"1023215\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-1010-1\", \"name\": \"USN-1010-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"http://www.securitytracker.com/id?1023206\", \"name\": \"1023206\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html\", \"name\": \"SUSE-SR:2010:011\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://security.gentoo.org/glsa/glsa-200912-01.xml\", \"name\": \"GLSA-200912-01\", \"tags\": [\"vendor-advisory\", \"x_refsource_GENTOO\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=127419602507642\u0026w=2\", \"name\": \"SSRT090180\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/3313\", \"name\": \"ADV-2009-3313\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1\", \"name\": \"274990\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUNALERT\"]}, {\"url\": \"http://www.securitytracker.com/id?1023208\", \"name\": \"1023208\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"http://secunia.com/advisories/43308\", \"name\": \"43308\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www.securitytracker.com/id?1023214\", \"name\": \"1023214\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html\", \"name\": \"SUSE-SA:2009:057\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://secunia.com/advisories/38781\", \"name\": \"38781\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=133469267822771\u0026w=2\", \"name\": \"HPSBOV02762\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=127419602507642\u0026w=2\", \"name\": \"HPSBMA02534\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://www.debian.org/security/2009/dsa-1934\", \"name\": \"DSA-1934\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\"]}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html\", \"name\": \"FEDORA-2009-12782\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7478\", \"name\": \"oval:org.mitre.oval:def:7478\", \"tags\": [\"vdb-entry\", \"signature\", \"x_refsource_OVAL\"]}, {\"url\": \"http://www.securitytracker.com/id?1023271\", \"name\": \"1023271\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html\", \"name\": \"APPLE-SA-2010-01-19-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_APPLE\"]}, {\"url\": \"http://marc.info/?l=cryptography\u0026m=125752275331877\u0026w=2\", \"name\": \"[cryptography] 20091105 OpenSSL 0.9.8l released\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"http://secunia.com/advisories/42467\", \"name\": \"42467\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/508130/100/0/threaded\", \"name\": \"20091130 TLS / SSLv3 vulnerability explained (New ways to leverage the vulnerability)\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7315\", \"name\": \"oval:org.mitre.oval:def:7315\", \"tags\": [\"vdb-entry\", \"signature\", \"x_refsource_OVAL\"]}, {\"url\": \"http://www.securitytracker.com/id?1023224\", \"name\": \"1023224\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html\", \"name\": \"SUSE-SR:2010:013\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-927-4\", \"name\": \"USN-927-4\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"http://secunia.com/advisories/41490\", \"name\": \"41490\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/508075/100/0/threaded\", \"name\": \"20091124 rPSA-2009-0155-1 httpd mod_ssl\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\"]}, {\"url\": \"http://www.securitytracker.com/id?1023243\", \"name\": \"1023243\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://secunia.com/advisories/37504\", \"name\": \"37504\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www.securitytracker.com/id?1023219\", \"name\": \"1023219\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"http://sysoev.ru/nginx/patch.cve-2009-3555.txt\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://xss.cx/examples/plesk-reports/plesk-parallels-controlpanel-psa.v.10.3.1_build1013110726.09%20os_redhat.el6-billing-system-plugin-javascript-injection-example-poc-report.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://www.securitytracker.com/id?1023163\", \"name\": \"1023163\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=132077688910227\u0026w=2\", \"name\": \"HPSBHF02706\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/3521\", \"name\": \"ADV-2009-3521\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7973\", \"name\": \"oval:org.mitre.oval:def:7973\", \"tags\": [\"vdb-entry\", \"signature\", \"x_refsource_OVAL\"]}, {\"url\": \"http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995\", \"name\": \"HPSBMA02568\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=533125\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10088\", \"name\": \"oval:org.mitre.oval:def:10088\", \"tags\": [\"vdb-entry\", \"signature\", \"x_refsource_OVAL\"]}, {\"url\": \"http://secunia.com/advisories/44183\", \"name\": \"44183\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://secunia.com/advisories/42808\", \"name\": \"42808\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://secunia.com/advisories/39500\", \"name\": \"39500\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11578\", \"name\": \"oval:org.mitre.oval:def:11578\", \"tags\": [\"vdb-entry\", \"signature\", \"x_refsource_OVAL\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/3220\", \"name\": \"ADV-2009-3220\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751\", \"name\": \"SSRT100179\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=127557596201693\u0026w=2\", \"name\": \"SSRT100089\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0165.html\", \"name\": \"RHSA-2010:0165\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/515055/100/0/threaded\", \"name\": \"20101207 VMSA-2010-0019 VMware ESX third party updates for Service Console\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0987.html\", \"name\": \"RHSA-2010:0987\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=545755\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21426108\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://blogs.iss.net/archive/sslmitmiscsrf.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://www.securitytracker.com/id?1023411\", \"name\": \"1023411\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0339.html\", \"name\": \"RHSA-2010:0339\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0986.html\", \"name\": \"RHSA-2010:0986\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/3164\", \"name\": \"ADV-2009-3164\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"http://secunia.com/advisories/37383\", \"name\": \"37383\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01029.html\", \"name\": \"FEDORA-2009-12229\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\"]}, {\"url\": \"http://secunia.com/advisories/44954\", \"name\": \"44954\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www.ietf.org/mail-archive/web/tls/current/msg03928.html\", \"name\": \"[tls] 20091104 MITM attack on delayed TLS-client auth through renegotiation\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=127557596201693\u0026w=2\", \"name\": \"HPSBUX02524\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://support.avaya.com/css/P8/documents/100070150\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://secunia.com/advisories/40747\", \"name\": \"40747\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=126150535619567\u0026w=2\", \"name\": \"HPSBUX02498\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/522176\", \"name\": \"HPSBMU02759\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://secunia.com/advisories/39292\", \"name\": \"39292\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://secunia.com/advisories/42816\", \"name\": \"42816\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg1IC68054\", \"name\": \"IC68054\", \"tags\": [\"vendor-advisory\", \"x_refsource_AIXAPAR\"]}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1\", \"name\": \"273029\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUNALERT\"]}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00645.html\", \"name\": \"FEDORA-2009-12604\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21432298\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://extendedsubset.com/Renegotiating_TLS.pdf\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg24025312\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg24006386\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://support.apple.com/kb/HT4170\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/507952/100/0/threaded\", \"name\": \"20091118 TLS / SSLv3 vulnerability explained (DRAFT)\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\"]}, {\"url\": \"http://www.securitytracker.com/id?1023209\", \"name\": \"1023209\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"http://www-1.ibm.com/support/search.wss?rs=0\u0026q=PM00675\u0026apar=only\", \"name\": \"PM00675\", \"tags\": [\"vendor-advisory\", \"x_refsource_AIXAPAR\"]}, {\"url\": \"http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2\", \"name\": \"HPSBOV02683\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://secunia.com/advisories/48577\", \"name\": \"48577\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.597446\", \"name\": \"SSA:2009-320-01\", \"tags\": [\"vendor-advisory\", \"x_refsource_SLACKWARE\"]}, {\"url\": \"http://www.links.org/?p=789\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://www.opera.com/docs/changelogs/unix/1060/\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2011-0880.html\", \"name\": \"RHSA-2011:0880\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html\", \"name\": \"SUSE-SR:2010:008\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2009/11/06/3\", \"name\": \"[oss-security] 20091107 Re: CVE-2009-3555 for TLS renegotiation MITM attacks\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01020.html\", \"name\": \"FEDORA-2009-12305\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\"]}, {\"url\": \"http://wiki.rpath.com/Advisories:rPSA-2009-0155\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html\", \"name\": \"SUSE-SR:2010:012\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://support.citrix.com/article/CTX123359\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://secunia.com/advisories/37501\", \"name\": \"37501\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2010:076\", \"name\": \"MDVSA-2010:076\", \"tags\": [\"vendor-advisory\", \"x_refsource_MANDRIVA\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=127128920008563\u0026w=2\", \"name\": \"HPSBUX02517\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/3587\", \"name\": \"ADV-2009-3587\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"http://secunia.com/advisories/39632\", \"name\": \"39632\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=126150535619567\u0026w=2\", \"name\": \"SSRT090264\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://secunia.com/advisories/38687\", \"name\": \"38687\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=526689\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049\", \"name\": \"MS10-049\", \"tags\": [\"vendor-advisory\", \"x_refsource_MS\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/0982\", \"name\": \"ADV-2010-0982\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=133469267822771\u0026w=2\", \"name\": \"SSRT100825\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://secunia.com/advisories/37399\", \"name\": \"37399\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-927-1\", \"name\": \"USN-927-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"http://www.securitytracker.com/id?1023272\", \"name\": \"1023272\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00944.html\", \"name\": \"FEDORA-2009-12606\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/3126\", \"name\": \"ADV-2010-3126\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"http://secunia.com/advisories/37320\", \"name\": \"37320\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/3165\", \"name\": \"ADV-2009-3165\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1639\", \"name\": \"ADV-2010-1639\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"http://secunia.com/advisories/38020\", \"name\": \"38020\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://ubuntu.com/usn/usn-923-1\", \"name\": \"USN-923-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"http://secunia.com/advisories/39243\", \"name\": \"39243\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8366\", \"name\": \"oval:org.mitre.oval:def:8366\", \"tags\": [\"vdb-entry\", \"signature\", \"x_refsource_OVAL\"]}, {\"url\": \"http://secunia.com/advisories/37453\", \"name\": \"37453\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/0933\", \"name\": \"ADV-2010-0933\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995\", \"name\": \"SSRT100219\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://www.vmware.com/security/advisories/VMSA-2011-0003.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://secunia.com/advisories/41972\", \"name\": \"41972\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/3086\", \"name\": \"ADV-2010-3086\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"http://www.debian.org/security/2011/dsa-2141\", \"name\": \"DSA-2141\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\"]}, {\"url\": \"http://www.securitytracker.com/id?1024789\", \"name\": \"1024789\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0155.html\", \"name\": \"RHSA-2010:0155\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2011/0033\", \"name\": \"ADV-2011-0033\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0337.html\", \"name\": \"RHSA-2010:0337\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://www.securitytracker.com/id?1023216\", \"name\": \"1023216\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"http://secunia.com/advisories/41480\", \"name\": \"41480\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2011/0086\", \"name\": \"ADV-2011-0086\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"http://secunia.com/advisories/41818\", \"name\": \"41818\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://secunia.com/advisories/37604\", \"name\": \"37604\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www.opera.com/support/search/view/944/\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://marc.info/?l=apache-httpd-announce\u0026m=125755783724966\u0026w=2\", \"name\": \"[announce] 20091107 CVE-2009-3555 - apache/mod_ssl vulnerability and mitigation\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html\", \"name\": \"SUSE-SR:2010:024\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA10-287A.html\", \"name\": \"TA10-287A\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT\"]}, {\"url\": \"http://www.links.org/?p=780\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0119.html\", \"name\": \"RHSA-2010:0119\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://secunia.com/advisories/38056\", \"name\": \"38056\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/0748\", \"name\": \"ADV-2010-0748\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"http://secunia.com/advisories/37675\", \"name\": \"37675\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8535\", \"name\": \"oval:org.mitre.oval:def:8535\", \"tags\": [\"vdb-entry\", \"signature\", \"x_refsource_OVAL\"]}, {\"url\": \"http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751\", \"name\": \"HPSBMA02547\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=127128920008563\u0026w=2\", \"name\": \"SSRT100058\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://www.vmware.com/security/advisories/VMSA-2010-0019.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0786.html\", \"name\": \"RHSA-2010:0786\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://secunia.com/advisories/38003\", \"name\": \"38003\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://support.apple.com/kb/HT4171\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.securitytracker.com/id?1023428\", \"name\": \"1023428\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=132077688910227\u0026w=2\", \"name\": \"SSRT100613\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2009/11/20/1\", \"name\": \"[oss-security] 20091120 CVEs for nginx\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/3354\", \"name\": \"ADV-2009-3354\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"http://www.securitytracker.com/id?1023274\", \"name\": \"1023274\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00634.html\", \"name\": \"FEDORA-2009-12968\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\"]}, {\"url\": \"http://secunia.com/advisories/39242\", \"name\": \"39242\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"https://kb.bluecoat.com/index?page=content\u0026id=SA50\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://secunia.com/advisories/38241\", \"name\": \"38241\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://secunia.com/advisories/42377\", \"name\": \"42377\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://security.gentoo.org/glsa/glsa-201203-22.xml\", \"name\": \"GLSA-201203-22\", \"tags\": [\"vendor-advisory\", \"x_refsource_GENTOO\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2009/11/05/3\", \"name\": \"[oss-security] 20091105 CVE-2009-3555 for TLS renegotiation MITM attacks\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html\", \"name\": \"SUSE-SR:2010:019\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://osvdb.org/60972\", \"name\": \"60972\", \"tags\": [\"vdb-entry\", \"x_refsource_OSVDB\"]}, {\"url\": \"http://www.securitytracker.com/id?1023426\", \"name\": \"1023426\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"http://secunia.com/advisories/38484\", \"name\": \"38484\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2010:084\", \"name\": \"MDVSA-2010:084\", \"tags\": [\"vendor-advisory\", \"x_refsource_MANDRIVA\"]}, {\"url\": \"http://www.betanews.com/article/1257452450\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1\", \"name\": \"1021653\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUNALERT\"]}, {\"url\": \"http://www.mozilla.org/security/announce/2010/mfsa2010-22.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/516397/100/0/threaded\", \"name\": \"20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\"]}, {\"url\": \"http://openbsd.org/errata46.html#004_openssl\", \"name\": \"[4.6] 004: SECURITY FIX: November 26, 2009\", \"tags\": [\"vendor-advisory\", \"x_refsource_OPENBSD\"]}, {\"url\": \"http://secunia.com/advisories/41967\", \"name\": \"41967\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0807.html\", \"name\": \"RHSA-2010:0807\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1191\", \"name\": \"ADV-2010-1191\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2009/Nov/139\", \"name\": \"20091111 Re: SSL/TLS MiTM PoC\", \"tags\": [\"mailing-list\", \"x_refsource_FULLDISC\"]}, {\"url\": \"https://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2009/11/05/5\", \"name\": \"[oss-security] 20091105 Re: CVE-2009-3555 for TLS renegotiation MITM attacks\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"http://secunia.com/advisories/39713\", \"name\": \"39713\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://secunia.com/advisories/42733\", \"name\": \"42733\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://secunia.com/advisories/37291\", \"name\": \"37291\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html\", \"name\": \"FEDORA-2010-16312\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\"]}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html\", \"name\": \"FEDORA-2010-5942\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/2745\", \"name\": \"ADV-2010-2745\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-26-273350-1\", \"name\": \"273350\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUNALERT\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/0994\", \"name\": \"ADV-2010-0994\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/0173\", \"name\": \"ADV-2010-0173\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1054\", \"name\": \"ADV-2010-1054\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"http://osvdb.org/65202\", \"name\": \"65202\", \"tags\": [\"vdb-entry\", \"x_refsource_OSVDB\"]}, {\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02436041\", \"name\": \"HPSBGN02562\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html\", \"name\": \"FEDORA-2010-16294\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\"]}, {\"url\": \"http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.html\", \"name\": \"[gnutls-devel] 20091105 Re: TLS renegotiation MITM\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html\", \"name\": \"20131121 ESA-2013-077: RSA Data Protection Manager Appliance Multiple Vulnerabilities\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\"]}, {\"url\": \"http://clicky.me/tlsvuln\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://secunia.com/advisories/42811\", \"name\": \"42811\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20190319 svn commit: r1855831 [26/30] - in /tomcat/site/trunk: ./ docs/ xdocs/\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20190325 svn commit: r1856174 [26/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20200203 svn commit: r1873527 [26/30] - /tomcat/site/trunk/docs/\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E\", \"name\": \"[tomcat-dev] 20200213 svn commit: r1873980 [31/34] - /tomcat/site/trunk/docs/\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a \\\"plaintext injection\\\" attack, aka the \\\"Project Mogul\\\" issue.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"shortName\": \"redhat\", \"dateUpdated\": \"2020-02-13T16:08:08.000Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2009-3555\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-27T15:38:56.729Z\", \"dateReserved\": \"2009-10-05T00:00:00.000Z\", \"assignerOrgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"datePublished\": \"2009-11-09T17:00:00.000Z\", \"assignerShortName\": \"redhat\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
RHSA-2010:0164
Vulnerability from csaf_redhat - Published: 2010-03-25 09:20 - Updated: 2026-05-27 17:13Summary
Red Hat Security Advisory: openssl097a security update
Severity
Moderate
Notes
Topic: Updated openssl097a packages that fix a security issue are now available
for Red Hat Enterprise Linux 5.
The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.
Details: OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)
and Transport Layer Security (TLS v1) protocols, as well as a
full-strength, general purpose cryptography library.
A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure
Sockets Layer) protocols handled session renegotiation. A man-in-the-middle
attacker could use this flaw to prefix arbitrary plain text to a client's
session (for example, an HTTPS connection to a website). This could force
the server to process an attacker's request as if authenticated using the
victim's credentials. This update addresses this flaw by implementing the
TLS Renegotiation Indication Extension, as defined in RFC 5746.
(CVE-2009-3555)
Refer to the following Knowledgebase article for additional details about
this flaw: http://kbase.redhat.com/faq/docs/DOC-20491
All openssl097a users should upgrade to these updated packages, which
contain a backported patch to resolve this issue. For the update to take
effect, all services linked to the openssl097a library must be restarted,
or the system rebooted.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.
4.3 ()
Affected products
Fixed
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:openssl097a-0:0.9.7a-9.el5_4.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:openssl097a-0:0.9.7a-9.el5_4.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:openssl097a-0:0.9.7a-9.el5_4.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:openssl097a-0:0.9.7a-9.el5_4.2.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:openssl097a-0:0.9.7a-9.el5_4.2.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:openssl097a-0:0.9.7a-9.el5_4.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:openssl097a-0:0.9.7a-9.el5_4.2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:openssl097a-0:0.9.7a-9.el5_4.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:openssl097a-0:0.9.7a-9.el5_4.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:openssl097a-0:0.9.7a-9.el5_4.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:openssl097a-0:0.9.7a-9.el5_4.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:openssl097a-0:0.9.7a-9.el5_4.2.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:openssl097a-0:0.9.7a-9.el5_4.2.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:openssl097a-0:0.9.7a-9.el5_4.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:openssl097a-0:0.9.7a-9.el5_4.2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:openssl097a-0:0.9.7a-9.el5_4.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
10 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated openssl097a packages that fix a security issue are now available\nfor Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available from the CVE link in\nthe References section.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nA flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\nSockets Layer) protocols handled session renegotiation. A man-in-the-middle\nattacker could use this flaw to prefix arbitrary plain text to a client\u0027s\nsession (for example, an HTTPS connection to a website). This could force\nthe server to process an attacker\u0027s request as if authenticated using the\nvictim\u0027s credentials. This update addresses this flaw by implementing the\nTLS Renegotiation Indication Extension, as defined in RFC 5746.\n(CVE-2009-3555)\n\nRefer to the following Knowledgebase article for additional details about\nthis flaw: http://kbase.redhat.com/faq/docs/DOC-20491\n\nAll openssl097a users should upgrade to these updated packages, which\ncontain a backported patch to resolve this issue. For the update to take\neffect, all services linked to the openssl097a library must be restarted,\nor the system rebooted.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2010:0164",
"url": "https://access.redhat.com/errata/RHSA-2010:0164"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "http://kbase.redhat.com/faq/docs/DOC-20491",
"url": "http://kbase.redhat.com/faq/docs/DOC-20491"
},
{
"category": "external",
"summary": "http://kbase.redhat.com/faq/docs/DOC-26039",
"url": "http://kbase.redhat.com/faq/docs/DOC-26039"
},
{
"category": "external",
"summary": "533125",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=533125"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2010/rhsa-2010_0164.json"
}
],
"title": "Red Hat Security Advisory: openssl097a security update",
"tracking": {
"current_release_date": "2026-05-27T17:13:49+00:00",
"generator": {
"date": "2026-05-27T17:13:49+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2010:0164",
"initial_release_date": "2010-03-25T09:20:00+00:00",
"revision_history": [
{
"date": "2010-03-25T09:20:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2010-03-25T05:20:54+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-27T17:13:49+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product": {
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.x86_64",
"product": {
"name": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.x86_64",
"product_id": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl097a-debuginfo@0.9.7a-9.el5_4.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openssl097a-0:0.9.7a-9.el5_4.2.x86_64",
"product": {
"name": "openssl097a-0:0.9.7a-9.el5_4.2.x86_64",
"product_id": "openssl097a-0:0.9.7a-9.el5_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl097a@0.9.7a-9.el5_4.2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.i386",
"product": {
"name": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.i386",
"product_id": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl097a-debuginfo@0.9.7a-9.el5_4.2?arch=i386"
}
}
},
{
"category": "product_version",
"name": "openssl097a-0:0.9.7a-9.el5_4.2.i386",
"product": {
"name": "openssl097a-0:0.9.7a-9.el5_4.2.i386",
"product_id": "openssl097a-0:0.9.7a-9.el5_4.2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl097a@0.9.7a-9.el5_4.2?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl097a-0:0.9.7a-9.el5_4.2.src",
"product": {
"name": "openssl097a-0:0.9.7a-9.el5_4.2.src",
"product_id": "openssl097a-0:0.9.7a-9.el5_4.2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl097a@0.9.7a-9.el5_4.2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ia64",
"product": {
"name": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ia64",
"product_id": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl097a-debuginfo@0.9.7a-9.el5_4.2?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "openssl097a-0:0.9.7a-9.el5_4.2.ia64",
"product": {
"name": "openssl097a-0:0.9.7a-9.el5_4.2.ia64",
"product_id": "openssl097a-0:0.9.7a-9.el5_4.2.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl097a@0.9.7a-9.el5_4.2?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ppc64",
"product": {
"name": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ppc64",
"product_id": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl097a-debuginfo@0.9.7a-9.el5_4.2?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "openssl097a-0:0.9.7a-9.el5_4.2.ppc64",
"product": {
"name": "openssl097a-0:0.9.7a-9.el5_4.2.ppc64",
"product_id": "openssl097a-0:0.9.7a-9.el5_4.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl097a@0.9.7a-9.el5_4.2?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ppc",
"product": {
"name": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ppc",
"product_id": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl097a-debuginfo@0.9.7a-9.el5_4.2?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "openssl097a-0:0.9.7a-9.el5_4.2.ppc",
"product": {
"name": "openssl097a-0:0.9.7a-9.el5_4.2.ppc",
"product_id": "openssl097a-0:0.9.7a-9.el5_4.2.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl097a@0.9.7a-9.el5_4.2?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.s390x",
"product": {
"name": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.s390x",
"product_id": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl097a-debuginfo@0.9.7a-9.el5_4.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openssl097a-0:0.9.7a-9.el5_4.2.s390x",
"product": {
"name": "openssl097a-0:0.9.7a-9.el5_4.2.s390x",
"product_id": "openssl097a-0:0.9.7a-9.el5_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl097a@0.9.7a-9.el5_4.2?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.s390",
"product": {
"name": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.s390",
"product_id": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl097a-debuginfo@0.9.7a-9.el5_4.2?arch=s390"
}
}
},
{
"category": "product_version",
"name": "openssl097a-0:0.9.7a-9.el5_4.2.s390",
"product": {
"name": "openssl097a-0:0.9.7a-9.el5_4.2.s390",
"product_id": "openssl097a-0:0.9.7a-9.el5_4.2.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl097a@0.9.7a-9.el5_4.2?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl097a-0:0.9.7a-9.el5_4.2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:openssl097a-0:0.9.7a-9.el5_4.2.i386"
},
"product_reference": "openssl097a-0:0.9.7a-9.el5_4.2.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl097a-0:0.9.7a-9.el5_4.2.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:openssl097a-0:0.9.7a-9.el5_4.2.ia64"
},
"product_reference": "openssl097a-0:0.9.7a-9.el5_4.2.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl097a-0:0.9.7a-9.el5_4.2.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:openssl097a-0:0.9.7a-9.el5_4.2.ppc"
},
"product_reference": "openssl097a-0:0.9.7a-9.el5_4.2.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl097a-0:0.9.7a-9.el5_4.2.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:openssl097a-0:0.9.7a-9.el5_4.2.ppc64"
},
"product_reference": "openssl097a-0:0.9.7a-9.el5_4.2.ppc64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl097a-0:0.9.7a-9.el5_4.2.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:openssl097a-0:0.9.7a-9.el5_4.2.s390"
},
"product_reference": "openssl097a-0:0.9.7a-9.el5_4.2.s390",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl097a-0:0.9.7a-9.el5_4.2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:openssl097a-0:0.9.7a-9.el5_4.2.s390x"
},
"product_reference": "openssl097a-0:0.9.7a-9.el5_4.2.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl097a-0:0.9.7a-9.el5_4.2.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:openssl097a-0:0.9.7a-9.el5_4.2.src"
},
"product_reference": "openssl097a-0:0.9.7a-9.el5_4.2.src",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl097a-0:0.9.7a-9.el5_4.2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:openssl097a-0:0.9.7a-9.el5_4.2.x86_64"
},
"product_reference": "openssl097a-0:0.9.7a-9.el5_4.2.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.i386"
},
"product_reference": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ia64"
},
"product_reference": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ppc"
},
"product_reference": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ppc64"
},
"product_reference": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ppc64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.s390"
},
"product_reference": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.s390",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.s390x"
},
"product_reference": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.x86_64"
},
"product_reference": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl097a-0:0.9.7a-9.el5_4.2.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:openssl097a-0:0.9.7a-9.el5_4.2.i386"
},
"product_reference": "openssl097a-0:0.9.7a-9.el5_4.2.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl097a-0:0.9.7a-9.el5_4.2.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:openssl097a-0:0.9.7a-9.el5_4.2.ia64"
},
"product_reference": "openssl097a-0:0.9.7a-9.el5_4.2.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl097a-0:0.9.7a-9.el5_4.2.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:openssl097a-0:0.9.7a-9.el5_4.2.ppc"
},
"product_reference": "openssl097a-0:0.9.7a-9.el5_4.2.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl097a-0:0.9.7a-9.el5_4.2.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:openssl097a-0:0.9.7a-9.el5_4.2.ppc64"
},
"product_reference": "openssl097a-0:0.9.7a-9.el5_4.2.ppc64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl097a-0:0.9.7a-9.el5_4.2.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:openssl097a-0:0.9.7a-9.el5_4.2.s390"
},
"product_reference": "openssl097a-0:0.9.7a-9.el5_4.2.s390",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl097a-0:0.9.7a-9.el5_4.2.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:openssl097a-0:0.9.7a-9.el5_4.2.s390x"
},
"product_reference": "openssl097a-0:0.9.7a-9.el5_4.2.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl097a-0:0.9.7a-9.el5_4.2.src as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:openssl097a-0:0.9.7a-9.el5_4.2.src"
},
"product_reference": "openssl097a-0:0.9.7a-9.el5_4.2.src",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl097a-0:0.9.7a-9.el5_4.2.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:openssl097a-0:0.9.7a-9.el5_4.2.x86_64"
},
"product_reference": "openssl097a-0:0.9.7a-9.el5_4.2.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.i386"
},
"product_reference": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ia64"
},
"product_reference": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ppc"
},
"product_reference": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ppc64"
},
"product_reference": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ppc64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.s390"
},
"product_reference": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.s390",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.s390x"
},
"product_reference": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.x86_64"
},
"product_reference": "openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.x86_64",
"relates_to_product_reference": "5Server"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2009-3555",
"cwe": {
"id": "CWE-300",
"name": "Channel Accessible by Non-Endpoint"
},
"discovery_date": "2009-10-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "533125"
}
],
"notes": [
{
"category": "description",
"text": "The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a \"plaintext injection\" attack, aka the \"Project Mogul\" issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "TLS: MITM attacks via session renegotiation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Additional information can be found in the Red Hat Knowledgebase article:\nhttps://access.redhat.com/articles/20490",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:openssl097a-0:0.9.7a-9.el5_4.2.i386",
"5Client:openssl097a-0:0.9.7a-9.el5_4.2.ia64",
"5Client:openssl097a-0:0.9.7a-9.el5_4.2.ppc",
"5Client:openssl097a-0:0.9.7a-9.el5_4.2.ppc64",
"5Client:openssl097a-0:0.9.7a-9.el5_4.2.s390",
"5Client:openssl097a-0:0.9.7a-9.el5_4.2.s390x",
"5Client:openssl097a-0:0.9.7a-9.el5_4.2.src",
"5Client:openssl097a-0:0.9.7a-9.el5_4.2.x86_64",
"5Client:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.i386",
"5Client:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ia64",
"5Client:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ppc",
"5Client:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ppc64",
"5Client:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.s390",
"5Client:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.s390x",
"5Client:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.x86_64",
"5Server:openssl097a-0:0.9.7a-9.el5_4.2.i386",
"5Server:openssl097a-0:0.9.7a-9.el5_4.2.ia64",
"5Server:openssl097a-0:0.9.7a-9.el5_4.2.ppc",
"5Server:openssl097a-0:0.9.7a-9.el5_4.2.ppc64",
"5Server:openssl097a-0:0.9.7a-9.el5_4.2.s390",
"5Server:openssl097a-0:0.9.7a-9.el5_4.2.s390x",
"5Server:openssl097a-0:0.9.7a-9.el5_4.2.src",
"5Server:openssl097a-0:0.9.7a-9.el5_4.2.x86_64",
"5Server:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.i386",
"5Server:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ia64",
"5Server:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ppc",
"5Server:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ppc64",
"5Server:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.s390",
"5Server:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.s390x",
"5Server:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-3555"
},
{
"category": "external",
"summary": "RHBZ#533125",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=533125"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-3555",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3555"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3555",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3555"
}
],
"release_date": "2009-11-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-03-25T09:20:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:openssl097a-0:0.9.7a-9.el5_4.2.i386",
"5Client:openssl097a-0:0.9.7a-9.el5_4.2.ia64",
"5Client:openssl097a-0:0.9.7a-9.el5_4.2.ppc",
"5Client:openssl097a-0:0.9.7a-9.el5_4.2.ppc64",
"5Client:openssl097a-0:0.9.7a-9.el5_4.2.s390",
"5Client:openssl097a-0:0.9.7a-9.el5_4.2.s390x",
"5Client:openssl097a-0:0.9.7a-9.el5_4.2.src",
"5Client:openssl097a-0:0.9.7a-9.el5_4.2.x86_64",
"5Client:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.i386",
"5Client:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ia64",
"5Client:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ppc",
"5Client:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ppc64",
"5Client:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.s390",
"5Client:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.s390x",
"5Client:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.x86_64",
"5Server:openssl097a-0:0.9.7a-9.el5_4.2.i386",
"5Server:openssl097a-0:0.9.7a-9.el5_4.2.ia64",
"5Server:openssl097a-0:0.9.7a-9.el5_4.2.ppc",
"5Server:openssl097a-0:0.9.7a-9.el5_4.2.ppc64",
"5Server:openssl097a-0:0.9.7a-9.el5_4.2.s390",
"5Server:openssl097a-0:0.9.7a-9.el5_4.2.s390x",
"5Server:openssl097a-0:0.9.7a-9.el5_4.2.src",
"5Server:openssl097a-0:0.9.7a-9.el5_4.2.x86_64",
"5Server:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.i386",
"5Server:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ia64",
"5Server:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ppc",
"5Server:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ppc64",
"5Server:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.s390",
"5Server:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.s390x",
"5Server:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0164"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Client:openssl097a-0:0.9.7a-9.el5_4.2.i386",
"5Client:openssl097a-0:0.9.7a-9.el5_4.2.ia64",
"5Client:openssl097a-0:0.9.7a-9.el5_4.2.ppc",
"5Client:openssl097a-0:0.9.7a-9.el5_4.2.ppc64",
"5Client:openssl097a-0:0.9.7a-9.el5_4.2.s390",
"5Client:openssl097a-0:0.9.7a-9.el5_4.2.s390x",
"5Client:openssl097a-0:0.9.7a-9.el5_4.2.src",
"5Client:openssl097a-0:0.9.7a-9.el5_4.2.x86_64",
"5Client:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.i386",
"5Client:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ia64",
"5Client:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ppc",
"5Client:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ppc64",
"5Client:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.s390",
"5Client:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.s390x",
"5Client:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.x86_64",
"5Server:openssl097a-0:0.9.7a-9.el5_4.2.i386",
"5Server:openssl097a-0:0.9.7a-9.el5_4.2.ia64",
"5Server:openssl097a-0:0.9.7a-9.el5_4.2.ppc",
"5Server:openssl097a-0:0.9.7a-9.el5_4.2.ppc64",
"5Server:openssl097a-0:0.9.7a-9.el5_4.2.s390",
"5Server:openssl097a-0:0.9.7a-9.el5_4.2.s390x",
"5Server:openssl097a-0:0.9.7a-9.el5_4.2.src",
"5Server:openssl097a-0:0.9.7a-9.el5_4.2.x86_64",
"5Server:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.i386",
"5Server:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ia64",
"5Server:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ppc",
"5Server:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.ppc64",
"5Server:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.s390",
"5Server:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.s390x",
"5Server:openssl097a-debuginfo-0:0.9.7a-9.el5_4.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "TLS: MITM attacks via session renegotiation"
}
]
}
RHSA-2010:0165
Vulnerability from csaf_redhat - Published: 2010-03-25 10:01 - Updated: 2026-05-27 17:13Summary
Red Hat Security Advisory: nss security update
Severity
Moderate
Notes
Topic: Updated nss packages that fix a security issue are now available for Red
Hat Enterprise Linux 4 and 5.
The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.
Details: Network Security Services (NSS) is a set of libraries designed to support
the cross-platform development of security-enabled client and server
applications. Applications built with NSS can support SSLv2, SSLv3, TLS,
and other security standards.
Netscape Portable Runtime (NSPR) provides platform independence for non-GUI
operating system facilities. These facilities include threads, thread
synchronization, normal file and network I/O, interval timing, calendar
time, basic memory management (malloc and free), and shared library
linking.
A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure
Sockets Layer) protocols handled session renegotiation. A man-in-the-middle
attacker could use this flaw to prefix arbitrary plain text to a client's
session (for example, an HTTPS connection to a website). This could force
the server to process an attacker's request as if authenticated using the
victim's credentials. This update addresses this flaw by implementing the
TLS Renegotiation Indication Extension, as defined in RFC 5746.
(CVE-2009-3555)
Refer to the following Knowledgebase article for additional details about
this flaw: http://kbase.redhat.com/faq/docs/DOC-20491
Users of Red Hat Certificate System 7.3 and 8.0 should review the following
Knowledgebase article before installing this update:
http://kbase.redhat.com/faq/docs/DOC-28439
All users of NSS are advised to upgrade to these updated packages, which
update NSS to version 3.12.6. This erratum also updates the NSPR packages
to the version required by NSS 3.12.6. All running applications using the
NSS library must be restarted for this update to take effect.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.
4.3 ()
Affected products
Fixed
360 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS:nspr-0:4.8.4-1.1.el4_8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nspr-0:4.8.4-1.1.el4_8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nspr-0:4.8.4-1.1.el4_8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nspr-0:4.8.4-1.1.el4_8.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nspr-0:4.8.4-1.1.el4_8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nspr-0:4.8.4-1.1.el4_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nspr-0:4.8.4-1.1.el4_8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nspr-0:4.8.4-1.1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nspr-debuginfo-0:4.8.4-1.1.el4_8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nspr-debuginfo-0:4.8.4-1.1.el4_8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nspr-debuginfo-0:4.8.4-1.1.el4_8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nspr-debuginfo-0:4.8.4-1.1.el4_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nspr-debuginfo-0:4.8.4-1.1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nspr-devel-0:4.8.4-1.1.el4_8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nspr-devel-0:4.8.4-1.1.el4_8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nspr-devel-0:4.8.4-1.1.el4_8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nspr-devel-0:4.8.4-1.1.el4_8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nspr-devel-0:4.8.4-1.1.el4_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nspr-devel-0:4.8.4-1.1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nss-0:3.12.6-1.el4_8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nss-0:3.12.6-1.el4_8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nss-0:3.12.6-1.el4_8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nss-0:3.12.6-1.el4_8.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nss-0:3.12.6-1.el4_8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nss-0:3.12.6-1.el4_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nss-0:3.12.6-1.el4_8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nss-0:3.12.6-1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nss-debuginfo-0:3.12.6-1.el4_8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nss-debuginfo-0:3.12.6-1.el4_8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nss-debuginfo-0:3.12.6-1.el4_8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nss-debuginfo-0:3.12.6-1.el4_8.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nss-debuginfo-0:3.12.6-1.el4_8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nss-debuginfo-0:3.12.6-1.el4_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nss-debuginfo-0:3.12.6-1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nss-devel-0:3.12.6-1.el4_8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nss-devel-0:3.12.6-1.el4_8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nss-devel-0:3.12.6-1.el4_8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nss-devel-0:3.12.6-1.el4_8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nss-devel-0:3.12.6-1.el4_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nss-devel-0:3.12.6-1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nss-tools-0:3.12.6-1.el4_8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nss-tools-0:3.12.6-1.el4_8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nss-tools-0:3.12.6-1.el4_8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nss-tools-0:3.12.6-1.el4_8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nss-tools-0:3.12.6-1.el4_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:nss-tools-0:3.12.6-1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nspr-0:4.8.4-1.1.el4_8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nspr-0:4.8.4-1.1.el4_8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nspr-0:4.8.4-1.1.el4_8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nspr-0:4.8.4-1.1.el4_8.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nspr-0:4.8.4-1.1.el4_8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nspr-0:4.8.4-1.1.el4_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nspr-0:4.8.4-1.1.el4_8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nspr-0:4.8.4-1.1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nspr-debuginfo-0:4.8.4-1.1.el4_8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nspr-debuginfo-0:4.8.4-1.1.el4_8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nspr-debuginfo-0:4.8.4-1.1.el4_8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nspr-debuginfo-0:4.8.4-1.1.el4_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nspr-debuginfo-0:4.8.4-1.1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nspr-devel-0:4.8.4-1.1.el4_8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nspr-devel-0:4.8.4-1.1.el4_8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nspr-devel-0:4.8.4-1.1.el4_8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nspr-devel-0:4.8.4-1.1.el4_8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nspr-devel-0:4.8.4-1.1.el4_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nspr-devel-0:4.8.4-1.1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nss-0:3.12.6-1.el4_8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nss-0:3.12.6-1.el4_8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nss-0:3.12.6-1.el4_8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nss-0:3.12.6-1.el4_8.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nss-0:3.12.6-1.el4_8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nss-0:3.12.6-1.el4_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nss-0:3.12.6-1.el4_8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nss-0:3.12.6-1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nss-debuginfo-0:3.12.6-1.el4_8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nss-debuginfo-0:3.12.6-1.el4_8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nss-debuginfo-0:3.12.6-1.el4_8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nss-debuginfo-0:3.12.6-1.el4_8.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nss-debuginfo-0:3.12.6-1.el4_8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nss-debuginfo-0:3.12.6-1.el4_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nss-debuginfo-0:3.12.6-1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nss-devel-0:3.12.6-1.el4_8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nss-devel-0:3.12.6-1.el4_8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nss-devel-0:3.12.6-1.el4_8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nss-devel-0:3.12.6-1.el4_8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nss-devel-0:3.12.6-1.el4_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nss-devel-0:3.12.6-1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nss-tools-0:3.12.6-1.el4_8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nss-tools-0:3.12.6-1.el4_8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nss-tools-0:3.12.6-1.el4_8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nss-tools-0:3.12.6-1.el4_8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nss-tools-0:3.12.6-1.el4_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:nss-tools-0:3.12.6-1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nspr-0:4.8.4-1.1.el4_8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nspr-0:4.8.4-1.1.el4_8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nspr-0:4.8.4-1.1.el4_8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nspr-0:4.8.4-1.1.el4_8.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nspr-0:4.8.4-1.1.el4_8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nspr-0:4.8.4-1.1.el4_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nspr-0:4.8.4-1.1.el4_8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nspr-0:4.8.4-1.1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nspr-debuginfo-0:4.8.4-1.1.el4_8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nspr-debuginfo-0:4.8.4-1.1.el4_8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nspr-debuginfo-0:4.8.4-1.1.el4_8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nspr-debuginfo-0:4.8.4-1.1.el4_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nspr-debuginfo-0:4.8.4-1.1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nspr-devel-0:4.8.4-1.1.el4_8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nspr-devel-0:4.8.4-1.1.el4_8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nspr-devel-0:4.8.4-1.1.el4_8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nspr-devel-0:4.8.4-1.1.el4_8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nspr-devel-0:4.8.4-1.1.el4_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nspr-devel-0:4.8.4-1.1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nss-0:3.12.6-1.el4_8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nss-0:3.12.6-1.el4_8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nss-0:3.12.6-1.el4_8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nss-0:3.12.6-1.el4_8.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nss-0:3.12.6-1.el4_8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nss-0:3.12.6-1.el4_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nss-0:3.12.6-1.el4_8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nss-0:3.12.6-1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nss-debuginfo-0:3.12.6-1.el4_8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nss-debuginfo-0:3.12.6-1.el4_8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nss-debuginfo-0:3.12.6-1.el4_8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nss-debuginfo-0:3.12.6-1.el4_8.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nss-debuginfo-0:3.12.6-1.el4_8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nss-debuginfo-0:3.12.6-1.el4_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nss-debuginfo-0:3.12.6-1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nss-devel-0:3.12.6-1.el4_8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nss-devel-0:3.12.6-1.el4_8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nss-devel-0:3.12.6-1.el4_8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nss-devel-0:3.12.6-1.el4_8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nss-devel-0:3.12.6-1.el4_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nss-devel-0:3.12.6-1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nss-tools-0:3.12.6-1.el4_8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nss-tools-0:3.12.6-1.el4_8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nss-tools-0:3.12.6-1.el4_8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nss-tools-0:3.12.6-1.el4_8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nss-tools-0:3.12.6-1.el4_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:nss-tools-0:3.12.6-1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nspr-0:4.8.4-1.1.el4_8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nspr-0:4.8.4-1.1.el4_8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nspr-0:4.8.4-1.1.el4_8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nspr-0:4.8.4-1.1.el4_8.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nspr-0:4.8.4-1.1.el4_8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nspr-0:4.8.4-1.1.el4_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nspr-0:4.8.4-1.1.el4_8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nspr-0:4.8.4-1.1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nspr-debuginfo-0:4.8.4-1.1.el4_8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nspr-debuginfo-0:4.8.4-1.1.el4_8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nspr-debuginfo-0:4.8.4-1.1.el4_8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nspr-debuginfo-0:4.8.4-1.1.el4_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nspr-debuginfo-0:4.8.4-1.1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nspr-devel-0:4.8.4-1.1.el4_8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nspr-devel-0:4.8.4-1.1.el4_8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nspr-devel-0:4.8.4-1.1.el4_8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nspr-devel-0:4.8.4-1.1.el4_8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nspr-devel-0:4.8.4-1.1.el4_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nspr-devel-0:4.8.4-1.1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nss-0:3.12.6-1.el4_8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nss-0:3.12.6-1.el4_8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nss-0:3.12.6-1.el4_8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nss-0:3.12.6-1.el4_8.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nss-0:3.12.6-1.el4_8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nss-0:3.12.6-1.el4_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nss-0:3.12.6-1.el4_8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nss-0:3.12.6-1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nss-debuginfo-0:3.12.6-1.el4_8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nss-debuginfo-0:3.12.6-1.el4_8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nss-debuginfo-0:3.12.6-1.el4_8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nss-debuginfo-0:3.12.6-1.el4_8.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nss-debuginfo-0:3.12.6-1.el4_8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nss-debuginfo-0:3.12.6-1.el4_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nss-debuginfo-0:3.12.6-1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nss-devel-0:3.12.6-1.el4_8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nss-devel-0:3.12.6-1.el4_8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nss-devel-0:3.12.6-1.el4_8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nss-devel-0:3.12.6-1.el4_8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nss-devel-0:3.12.6-1.el4_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nss-devel-0:3.12.6-1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nss-tools-0:3.12.6-1.el4_8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nss-tools-0:3.12.6-1.el4_8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nss-tools-0:3.12.6-1.el4_8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nss-tools-0:3.12.6-1.el4_8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nss-tools-0:3.12.6-1.el4_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:nss-tools-0:3.12.6-1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nspr-0:4.8.4-1.el5_4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nspr-0:4.8.4-1.el5_4.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nspr-0:4.8.4-1.el5_4.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nspr-0:4.8.4-1.el5_4.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nspr-0:4.8.4-1.el5_4.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nspr-0:4.8.4-1.el5_4.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nspr-0:4.8.4-1.el5_4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nspr-0:4.8.4-1.el5_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nspr-debuginfo-0:4.8.4-1.el5_4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nspr-debuginfo-0:4.8.4-1.el5_4.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nspr-debuginfo-0:4.8.4-1.el5_4.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nspr-debuginfo-0:4.8.4-1.el5_4.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nspr-debuginfo-0:4.8.4-1.el5_4.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nspr-debuginfo-0:4.8.4-1.el5_4.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nspr-debuginfo-0:4.8.4-1.el5_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nspr-devel-0:4.8.4-1.el5_4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nspr-devel-0:4.8.4-1.el5_4.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nspr-devel-0:4.8.4-1.el5_4.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nspr-devel-0:4.8.4-1.el5_4.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nspr-devel-0:4.8.4-1.el5_4.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nspr-devel-0:4.8.4-1.el5_4.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nspr-devel-0:4.8.4-1.el5_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nss-0:3.12.6-1.el5_4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nss-0:3.12.6-1.el5_4.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nss-0:3.12.6-1.el5_4.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nss-0:3.12.6-1.el5_4.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nss-0:3.12.6-1.el5_4.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nss-0:3.12.6-1.el5_4.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nss-0:3.12.6-1.el5_4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nss-0:3.12.6-1.el5_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nss-debuginfo-0:3.12.6-1.el5_4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nss-debuginfo-0:3.12.6-1.el5_4.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nss-debuginfo-0:3.12.6-1.el5_4.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nss-debuginfo-0:3.12.6-1.el5_4.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nss-debuginfo-0:3.12.6-1.el5_4.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nss-debuginfo-0:3.12.6-1.el5_4.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nss-debuginfo-0:3.12.6-1.el5_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nss-devel-0:3.12.6-1.el5_4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nss-devel-0:3.12.6-1.el5_4.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nss-devel-0:3.12.6-1.el5_4.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nss-devel-0:3.12.6-1.el5_4.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nss-devel-0:3.12.6-1.el5_4.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nss-devel-0:3.12.6-1.el5_4.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nss-devel-0:3.12.6-1.el5_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nss-pkcs11-devel-0:3.12.6-1.el5_4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nss-pkcs11-devel-0:3.12.6-1.el5_4.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nss-pkcs11-devel-0:3.12.6-1.el5_4.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nss-pkcs11-devel-0:3.12.6-1.el5_4.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nss-pkcs11-devel-0:3.12.6-1.el5_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nss-tools-0:3.12.6-1.el5_4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nss-tools-0:3.12.6-1.el5_4.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nss-tools-0:3.12.6-1.el5_4.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nss-tools-0:3.12.6-1.el5_4.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:nss-tools-0:3.12.6-1.el5_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nspr-0:4.8.4-1.el5_4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nspr-0:4.8.4-1.el5_4.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nspr-0:4.8.4-1.el5_4.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nspr-0:4.8.4-1.el5_4.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nspr-0:4.8.4-1.el5_4.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nspr-0:4.8.4-1.el5_4.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nspr-0:4.8.4-1.el5_4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nspr-0:4.8.4-1.el5_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nspr-debuginfo-0:4.8.4-1.el5_4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nspr-debuginfo-0:4.8.4-1.el5_4.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nspr-debuginfo-0:4.8.4-1.el5_4.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nspr-debuginfo-0:4.8.4-1.el5_4.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nspr-debuginfo-0:4.8.4-1.el5_4.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nspr-debuginfo-0:4.8.4-1.el5_4.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nspr-debuginfo-0:4.8.4-1.el5_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nspr-devel-0:4.8.4-1.el5_4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nspr-devel-0:4.8.4-1.el5_4.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nspr-devel-0:4.8.4-1.el5_4.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nspr-devel-0:4.8.4-1.el5_4.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nspr-devel-0:4.8.4-1.el5_4.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nspr-devel-0:4.8.4-1.el5_4.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nspr-devel-0:4.8.4-1.el5_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nss-0:3.12.6-1.el5_4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nss-0:3.12.6-1.el5_4.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nss-0:3.12.6-1.el5_4.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nss-0:3.12.6-1.el5_4.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nss-0:3.12.6-1.el5_4.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nss-0:3.12.6-1.el5_4.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nss-0:3.12.6-1.el5_4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nss-0:3.12.6-1.el5_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nss-debuginfo-0:3.12.6-1.el5_4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nss-debuginfo-0:3.12.6-1.el5_4.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nss-debuginfo-0:3.12.6-1.el5_4.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nss-debuginfo-0:3.12.6-1.el5_4.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nss-debuginfo-0:3.12.6-1.el5_4.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nss-debuginfo-0:3.12.6-1.el5_4.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nss-debuginfo-0:3.12.6-1.el5_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nss-devel-0:3.12.6-1.el5_4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nss-devel-0:3.12.6-1.el5_4.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nss-devel-0:3.12.6-1.el5_4.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nss-devel-0:3.12.6-1.el5_4.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nss-devel-0:3.12.6-1.el5_4.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nss-devel-0:3.12.6-1.el5_4.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nss-devel-0:3.12.6-1.el5_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nss-pkcs11-devel-0:3.12.6-1.el5_4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nss-pkcs11-devel-0:3.12.6-1.el5_4.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nss-pkcs11-devel-0:3.12.6-1.el5_4.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nss-pkcs11-devel-0:3.12.6-1.el5_4.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nss-pkcs11-devel-0:3.12.6-1.el5_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nss-tools-0:3.12.6-1.el5_4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nss-tools-0:3.12.6-1.el5_4.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nss-tools-0:3.12.6-1.el5_4.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nss-tools-0:3.12.6-1.el5_4.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:nss-tools-0:3.12.6-1.el5_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nspr-0:4.8.4-1.el5_4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nspr-0:4.8.4-1.el5_4.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nspr-0:4.8.4-1.el5_4.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nspr-0:4.8.4-1.el5_4.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nspr-0:4.8.4-1.el5_4.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nspr-0:4.8.4-1.el5_4.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nspr-0:4.8.4-1.el5_4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nspr-0:4.8.4-1.el5_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nspr-debuginfo-0:4.8.4-1.el5_4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nspr-debuginfo-0:4.8.4-1.el5_4.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nspr-debuginfo-0:4.8.4-1.el5_4.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nspr-debuginfo-0:4.8.4-1.el5_4.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nspr-debuginfo-0:4.8.4-1.el5_4.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nspr-debuginfo-0:4.8.4-1.el5_4.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nspr-debuginfo-0:4.8.4-1.el5_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nspr-devel-0:4.8.4-1.el5_4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nspr-devel-0:4.8.4-1.el5_4.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nspr-devel-0:4.8.4-1.el5_4.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nspr-devel-0:4.8.4-1.el5_4.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nspr-devel-0:4.8.4-1.el5_4.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nspr-devel-0:4.8.4-1.el5_4.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nspr-devel-0:4.8.4-1.el5_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nss-0:3.12.6-1.el5_4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nss-0:3.12.6-1.el5_4.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nss-0:3.12.6-1.el5_4.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nss-0:3.12.6-1.el5_4.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nss-0:3.12.6-1.el5_4.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nss-0:3.12.6-1.el5_4.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nss-0:3.12.6-1.el5_4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nss-0:3.12.6-1.el5_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nss-debuginfo-0:3.12.6-1.el5_4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nss-debuginfo-0:3.12.6-1.el5_4.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nss-debuginfo-0:3.12.6-1.el5_4.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nss-debuginfo-0:3.12.6-1.el5_4.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nss-debuginfo-0:3.12.6-1.el5_4.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nss-debuginfo-0:3.12.6-1.el5_4.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nss-debuginfo-0:3.12.6-1.el5_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nss-devel-0:3.12.6-1.el5_4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nss-devel-0:3.12.6-1.el5_4.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nss-devel-0:3.12.6-1.el5_4.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nss-devel-0:3.12.6-1.el5_4.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nss-devel-0:3.12.6-1.el5_4.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nss-devel-0:3.12.6-1.el5_4.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nss-devel-0:3.12.6-1.el5_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nss-pkcs11-devel-0:3.12.6-1.el5_4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nss-pkcs11-devel-0:3.12.6-1.el5_4.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nss-pkcs11-devel-0:3.12.6-1.el5_4.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nss-pkcs11-devel-0:3.12.6-1.el5_4.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nss-pkcs11-devel-0:3.12.6-1.el5_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nss-tools-0:3.12.6-1.el5_4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nss-tools-0:3.12.6-1.el5_4.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nss-tools-0:3.12.6-1.el5_4.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nss-tools-0:3.12.6-1.el5_4.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:nss-tools-0:3.12.6-1.el5_4.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
10 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated nss packages that fix a security issue are now available for Red\nHat Enterprise Linux 4 and 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available from the CVE link in\nthe References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Network Security Services (NSS) is a set of libraries designed to support\nthe cross-platform development of security-enabled client and server\napplications. Applications built with NSS can support SSLv2, SSLv3, TLS,\nand other security standards.\n\nNetscape Portable Runtime (NSPR) provides platform independence for non-GUI\noperating system facilities. These facilities include threads, thread\nsynchronization, normal file and network I/O, interval timing, calendar\ntime, basic memory management (malloc and free), and shared library\nlinking.\n\nA flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\nSockets Layer) protocols handled session renegotiation. A man-in-the-middle\nattacker could use this flaw to prefix arbitrary plain text to a client\u0027s\nsession (for example, an HTTPS connection to a website). This could force\nthe server to process an attacker\u0027s request as if authenticated using the\nvictim\u0027s credentials. This update addresses this flaw by implementing the\nTLS Renegotiation Indication Extension, as defined in RFC 5746.\n(CVE-2009-3555)\n\nRefer to the following Knowledgebase article for additional details about\nthis flaw: http://kbase.redhat.com/faq/docs/DOC-20491\n\nUsers of Red Hat Certificate System 7.3 and 8.0 should review the following\nKnowledgebase article before installing this update:\nhttp://kbase.redhat.com/faq/docs/DOC-28439\n\nAll users of NSS are advised to upgrade to these updated packages, which\nupdate NSS to version 3.12.6. This erratum also updates the NSPR packages\nto the version required by NSS 3.12.6. All running applications using the\nNSS library must be restarted for this update to take effect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2010:0165",
"url": "https://access.redhat.com/errata/RHSA-2010:0165"
},
{
"category": "external",
"summary": "533125",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=533125"
},
{
"category": "external",
"summary": "http://www.redhat.com/security/updates/classification/#moderate",
"url": "http://www.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "http://kbase.redhat.com/faq/docs/DOC-20491",
"url": "http://kbase.redhat.com/faq/docs/DOC-20491"
},
{
"category": "external",
"summary": "http://kbase.redhat.com/faq/docs/DOC-28439",
"url": "http://kbase.redhat.com/faq/docs/DOC-28439"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2010/rhsa-2010_0165.json"
}
],
"title": "Red Hat Security Advisory: nss security update",
"tracking": {
"current_release_date": "2026-05-27T17:13:51+00:00",
"generator": {
"date": "2026-05-27T17:13:51+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2010:0165",
"initial_release_date": "2010-03-25T10:01:00+00:00",
"revision_history": [
{
"date": "2010-03-25T10:01:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2010-03-25T06:05:24+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-27T17:13:51+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client_workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product": {
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4",
"product": {
"name": "Red Hat Enterprise Linux AS version 4",
"product_id": "4AS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::as"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop version 4",
"product": {
"name": "Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::desktop"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4",
"product": {
"name": "Red Hat Enterprise Linux ES version 4",
"product_id": "4ES",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::es"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4",
"product": {
"name": "Red Hat Enterprise Linux WS version 4",
"product_id": "4WS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::ws"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "nspr-debuginfo-0:4.8.4-1.el5_4.x86_64",
"product": {
"name": "nspr-debuginfo-0:4.8.4-1.el5_4.x86_64",
"product_id": "nspr-debuginfo-0:4.8.4-1.el5_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-debuginfo@4.8.4-1.el5_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nspr-devel-0:4.8.4-1.el5_4.x86_64",
"product": {
"name": "nspr-devel-0:4.8.4-1.el5_4.x86_64",
"product_id": "nspr-devel-0:4.8.4-1.el5_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-devel@4.8.4-1.el5_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nspr-0:4.8.4-1.el5_4.x86_64",
"product": {
"name": "nspr-0:4.8.4-1.el5_4.x86_64",
"product_id": "nspr-0:4.8.4-1.el5_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr@4.8.4-1.el5_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.12.6-1.el5_4.x86_64",
"product": {
"name": "nss-debuginfo-0:3.12.6-1.el5_4.x86_64",
"product_id": "nss-debuginfo-0:3.12.6-1.el5_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.12.6-1.el5_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-devel-0:3.12.6-1.el5_4.x86_64",
"product": {
"name": "nss-devel-0:3.12.6-1.el5_4.x86_64",
"product_id": "nss-devel-0:3.12.6-1.el5_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-devel@3.12.6-1.el5_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-pkcs11-devel-0:3.12.6-1.el5_4.x86_64",
"product": {
"name": "nss-pkcs11-devel-0:3.12.6-1.el5_4.x86_64",
"product_id": "nss-pkcs11-devel-0:3.12.6-1.el5_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-pkcs11-devel@3.12.6-1.el5_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-tools-0:3.12.6-1.el5_4.x86_64",
"product": {
"name": "nss-tools-0:3.12.6-1.el5_4.x86_64",
"product_id": "nss-tools-0:3.12.6-1.el5_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools@3.12.6-1.el5_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-0:3.12.6-1.el5_4.x86_64",
"product": {
"name": "nss-0:3.12.6-1.el5_4.x86_64",
"product_id": "nss-0:3.12.6-1.el5_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.12.6-1.el5_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nspr-devel-0:4.8.4-1.1.el4_8.x86_64",
"product": {
"name": "nspr-devel-0:4.8.4-1.1.el4_8.x86_64",
"product_id": "nspr-devel-0:4.8.4-1.1.el4_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-devel@4.8.4-1.1.el4_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nspr-0:4.8.4-1.1.el4_8.x86_64",
"product": {
"name": "nspr-0:4.8.4-1.1.el4_8.x86_64",
"product_id": "nspr-0:4.8.4-1.1.el4_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr@4.8.4-1.1.el4_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nspr-debuginfo-0:4.8.4-1.1.el4_8.x86_64",
"product": {
"name": "nspr-debuginfo-0:4.8.4-1.1.el4_8.x86_64",
"product_id": "nspr-debuginfo-0:4.8.4-1.1.el4_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-debuginfo@4.8.4-1.1.el4_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-0:3.12.6-1.el4_8.x86_64",
"product": {
"name": "nss-0:3.12.6-1.el4_8.x86_64",
"product_id": "nss-0:3.12.6-1.el4_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.12.6-1.el4_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.12.6-1.el4_8.x86_64",
"product": {
"name": "nss-debuginfo-0:3.12.6-1.el4_8.x86_64",
"product_id": "nss-debuginfo-0:3.12.6-1.el4_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.12.6-1.el4_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-devel-0:3.12.6-1.el4_8.x86_64",
"product": {
"name": "nss-devel-0:3.12.6-1.el4_8.x86_64",
"product_id": "nss-devel-0:3.12.6-1.el4_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-devel@3.12.6-1.el4_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-tools-0:3.12.6-1.el4_8.x86_64",
"product": {
"name": "nss-tools-0:3.12.6-1.el4_8.x86_64",
"product_id": "nss-tools-0:3.12.6-1.el4_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools@3.12.6-1.el4_8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "nspr-debuginfo-0:4.8.4-1.el5_4.i386",
"product": {
"name": "nspr-debuginfo-0:4.8.4-1.el5_4.i386",
"product_id": "nspr-debuginfo-0:4.8.4-1.el5_4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-debuginfo@4.8.4-1.el5_4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "nspr-devel-0:4.8.4-1.el5_4.i386",
"product": {
"name": "nspr-devel-0:4.8.4-1.el5_4.i386",
"product_id": "nspr-devel-0:4.8.4-1.el5_4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-devel@4.8.4-1.el5_4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "nspr-0:4.8.4-1.el5_4.i386",
"product": {
"name": "nspr-0:4.8.4-1.el5_4.i386",
"product_id": "nspr-0:4.8.4-1.el5_4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr@4.8.4-1.el5_4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.12.6-1.el5_4.i386",
"product": {
"name": "nss-debuginfo-0:3.12.6-1.el5_4.i386",
"product_id": "nss-debuginfo-0:3.12.6-1.el5_4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.12.6-1.el5_4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "nss-devel-0:3.12.6-1.el5_4.i386",
"product": {
"name": "nss-devel-0:3.12.6-1.el5_4.i386",
"product_id": "nss-devel-0:3.12.6-1.el5_4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-devel@3.12.6-1.el5_4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "nss-pkcs11-devel-0:3.12.6-1.el5_4.i386",
"product": {
"name": "nss-pkcs11-devel-0:3.12.6-1.el5_4.i386",
"product_id": "nss-pkcs11-devel-0:3.12.6-1.el5_4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-pkcs11-devel@3.12.6-1.el5_4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "nss-0:3.12.6-1.el5_4.i386",
"product": {
"name": "nss-0:3.12.6-1.el5_4.i386",
"product_id": "nss-0:3.12.6-1.el5_4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.12.6-1.el5_4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "nss-tools-0:3.12.6-1.el5_4.i386",
"product": {
"name": "nss-tools-0:3.12.6-1.el5_4.i386",
"product_id": "nss-tools-0:3.12.6-1.el5_4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools@3.12.6-1.el5_4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "nspr-0:4.8.4-1.1.el4_8.i386",
"product": {
"name": "nspr-0:4.8.4-1.1.el4_8.i386",
"product_id": "nspr-0:4.8.4-1.1.el4_8.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr@4.8.4-1.1.el4_8?arch=i386"
}
}
},
{
"category": "product_version",
"name": "nspr-debuginfo-0:4.8.4-1.1.el4_8.i386",
"product": {
"name": "nspr-debuginfo-0:4.8.4-1.1.el4_8.i386",
"product_id": "nspr-debuginfo-0:4.8.4-1.1.el4_8.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-debuginfo@4.8.4-1.1.el4_8?arch=i386"
}
}
},
{
"category": "product_version",
"name": "nspr-devel-0:4.8.4-1.1.el4_8.i386",
"product": {
"name": "nspr-devel-0:4.8.4-1.1.el4_8.i386",
"product_id": "nspr-devel-0:4.8.4-1.1.el4_8.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-devel@4.8.4-1.1.el4_8?arch=i386"
}
}
},
{
"category": "product_version",
"name": "nss-0:3.12.6-1.el4_8.i386",
"product": {
"name": "nss-0:3.12.6-1.el4_8.i386",
"product_id": "nss-0:3.12.6-1.el4_8.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.12.6-1.el4_8?arch=i386"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.12.6-1.el4_8.i386",
"product": {
"name": "nss-debuginfo-0:3.12.6-1.el4_8.i386",
"product_id": "nss-debuginfo-0:3.12.6-1.el4_8.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.12.6-1.el4_8?arch=i386"
}
}
},
{
"category": "product_version",
"name": "nss-devel-0:3.12.6-1.el4_8.i386",
"product": {
"name": "nss-devel-0:3.12.6-1.el4_8.i386",
"product_id": "nss-devel-0:3.12.6-1.el4_8.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-devel@3.12.6-1.el4_8?arch=i386"
}
}
},
{
"category": "product_version",
"name": "nss-tools-0:3.12.6-1.el4_8.i386",
"product": {
"name": "nss-tools-0:3.12.6-1.el4_8.i386",
"product_id": "nss-tools-0:3.12.6-1.el4_8.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools@3.12.6-1.el4_8?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "nspr-0:4.8.4-1.el5_4.src",
"product": {
"name": "nspr-0:4.8.4-1.el5_4.src",
"product_id": "nspr-0:4.8.4-1.el5_4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr@4.8.4-1.el5_4?arch=src"
}
}
},
{
"category": "product_version",
"name": "nss-0:3.12.6-1.el5_4.src",
"product": {
"name": "nss-0:3.12.6-1.el5_4.src",
"product_id": "nss-0:3.12.6-1.el5_4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.12.6-1.el5_4?arch=src"
}
}
},
{
"category": "product_version",
"name": "nspr-0:4.8.4-1.1.el4_8.src",
"product": {
"name": "nspr-0:4.8.4-1.1.el4_8.src",
"product_id": "nspr-0:4.8.4-1.1.el4_8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr@4.8.4-1.1.el4_8?arch=src"
}
}
},
{
"category": "product_version",
"name": "nss-0:3.12.6-1.el4_8.src",
"product": {
"name": "nss-0:3.12.6-1.el4_8.src",
"product_id": "nss-0:3.12.6-1.el4_8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.12.6-1.el4_8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "nspr-debuginfo-0:4.8.4-1.el5_4.ia64",
"product": {
"name": "nspr-debuginfo-0:4.8.4-1.el5_4.ia64",
"product_id": "nspr-debuginfo-0:4.8.4-1.el5_4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-debuginfo@4.8.4-1.el5_4?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "nspr-0:4.8.4-1.el5_4.ia64",
"product": {
"name": "nspr-0:4.8.4-1.el5_4.ia64",
"product_id": "nspr-0:4.8.4-1.el5_4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr@4.8.4-1.el5_4?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "nspr-devel-0:4.8.4-1.el5_4.ia64",
"product": {
"name": "nspr-devel-0:4.8.4-1.el5_4.ia64",
"product_id": "nspr-devel-0:4.8.4-1.el5_4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-devel@4.8.4-1.el5_4?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.12.6-1.el5_4.ia64",
"product": {
"name": "nss-debuginfo-0:3.12.6-1.el5_4.ia64",
"product_id": "nss-debuginfo-0:3.12.6-1.el5_4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.12.6-1.el5_4?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "nss-devel-0:3.12.6-1.el5_4.ia64",
"product": {
"name": "nss-devel-0:3.12.6-1.el5_4.ia64",
"product_id": "nss-devel-0:3.12.6-1.el5_4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-devel@3.12.6-1.el5_4?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "nss-tools-0:3.12.6-1.el5_4.ia64",
"product": {
"name": "nss-tools-0:3.12.6-1.el5_4.ia64",
"product_id": "nss-tools-0:3.12.6-1.el5_4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools@3.12.6-1.el5_4?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "nss-0:3.12.6-1.el5_4.ia64",
"product": {
"name": "nss-0:3.12.6-1.el5_4.ia64",
"product_id": "nss-0:3.12.6-1.el5_4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.12.6-1.el5_4?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "nss-pkcs11-devel-0:3.12.6-1.el5_4.ia64",
"product": {
"name": "nss-pkcs11-devel-0:3.12.6-1.el5_4.ia64",
"product_id": "nss-pkcs11-devel-0:3.12.6-1.el5_4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-pkcs11-devel@3.12.6-1.el5_4?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "nspr-devel-0:4.8.4-1.1.el4_8.ia64",
"product": {
"name": "nspr-devel-0:4.8.4-1.1.el4_8.ia64",
"product_id": "nspr-devel-0:4.8.4-1.1.el4_8.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-devel@4.8.4-1.1.el4_8?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "nspr-0:4.8.4-1.1.el4_8.ia64",
"product": {
"name": "nspr-0:4.8.4-1.1.el4_8.ia64",
"product_id": "nspr-0:4.8.4-1.1.el4_8.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr@4.8.4-1.1.el4_8?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "nspr-debuginfo-0:4.8.4-1.1.el4_8.ia64",
"product": {
"name": "nspr-debuginfo-0:4.8.4-1.1.el4_8.ia64",
"product_id": "nspr-debuginfo-0:4.8.4-1.1.el4_8.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-debuginfo@4.8.4-1.1.el4_8?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "nss-0:3.12.6-1.el4_8.ia64",
"product": {
"name": "nss-0:3.12.6-1.el4_8.ia64",
"product_id": "nss-0:3.12.6-1.el4_8.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.12.6-1.el4_8?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.12.6-1.el4_8.ia64",
"product": {
"name": "nss-debuginfo-0:3.12.6-1.el4_8.ia64",
"product_id": "nss-debuginfo-0:3.12.6-1.el4_8.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.12.6-1.el4_8?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "nss-devel-0:3.12.6-1.el4_8.ia64",
"product": {
"name": "nss-devel-0:3.12.6-1.el4_8.ia64",
"product_id": "nss-devel-0:3.12.6-1.el4_8.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-devel@3.12.6-1.el4_8?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "nss-tools-0:3.12.6-1.el4_8.ia64",
"product": {
"name": "nss-tools-0:3.12.6-1.el4_8.ia64",
"product_id": "nss-tools-0:3.12.6-1.el4_8.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools@3.12.6-1.el4_8?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "nspr-debuginfo-0:4.8.4-1.el5_4.ppc64",
"product": {
"name": "nspr-debuginfo-0:4.8.4-1.el5_4.ppc64",
"product_id": "nspr-debuginfo-0:4.8.4-1.el5_4.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-debuginfo@4.8.4-1.el5_4?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "nspr-0:4.8.4-1.el5_4.ppc64",
"product": {
"name": "nspr-0:4.8.4-1.el5_4.ppc64",
"product_id": "nspr-0:4.8.4-1.el5_4.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr@4.8.4-1.el5_4?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "nspr-devel-0:4.8.4-1.el5_4.ppc64",
"product": {
"name": "nspr-devel-0:4.8.4-1.el5_4.ppc64",
"product_id": "nspr-devel-0:4.8.4-1.el5_4.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-devel@4.8.4-1.el5_4?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.12.6-1.el5_4.ppc64",
"product": {
"name": "nss-debuginfo-0:3.12.6-1.el5_4.ppc64",
"product_id": "nss-debuginfo-0:3.12.6-1.el5_4.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.12.6-1.el5_4?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "nss-devel-0:3.12.6-1.el5_4.ppc64",
"product": {
"name": "nss-devel-0:3.12.6-1.el5_4.ppc64",
"product_id": "nss-devel-0:3.12.6-1.el5_4.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-devel@3.12.6-1.el5_4?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "nss-0:3.12.6-1.el5_4.ppc64",
"product": {
"name": "nss-0:3.12.6-1.el5_4.ppc64",
"product_id": "nss-0:3.12.6-1.el5_4.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.12.6-1.el5_4?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc64",
"product": {
"name": "nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc64",
"product_id": "nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-pkcs11-devel@3.12.6-1.el5_4?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "nspr-0:4.8.4-1.1.el4_8.ppc64",
"product": {
"name": "nspr-0:4.8.4-1.1.el4_8.ppc64",
"product_id": "nspr-0:4.8.4-1.1.el4_8.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr@4.8.4-1.1.el4_8?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc64",
"product": {
"name": "nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc64",
"product_id": "nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-debuginfo@4.8.4-1.1.el4_8?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "nss-0:3.12.6-1.el4_8.ppc64",
"product": {
"name": "nss-0:3.12.6-1.el4_8.ppc64",
"product_id": "nss-0:3.12.6-1.el4_8.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.12.6-1.el4_8?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.12.6-1.el4_8.ppc64",
"product": {
"name": "nss-debuginfo-0:3.12.6-1.el4_8.ppc64",
"product_id": "nss-debuginfo-0:3.12.6-1.el4_8.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.12.6-1.el4_8?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "nspr-debuginfo-0:4.8.4-1.el5_4.ppc",
"product": {
"name": "nspr-debuginfo-0:4.8.4-1.el5_4.ppc",
"product_id": "nspr-debuginfo-0:4.8.4-1.el5_4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-debuginfo@4.8.4-1.el5_4?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "nspr-0:4.8.4-1.el5_4.ppc",
"product": {
"name": "nspr-0:4.8.4-1.el5_4.ppc",
"product_id": "nspr-0:4.8.4-1.el5_4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr@4.8.4-1.el5_4?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "nspr-devel-0:4.8.4-1.el5_4.ppc",
"product": {
"name": "nspr-devel-0:4.8.4-1.el5_4.ppc",
"product_id": "nspr-devel-0:4.8.4-1.el5_4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-devel@4.8.4-1.el5_4?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.12.6-1.el5_4.ppc",
"product": {
"name": "nss-debuginfo-0:3.12.6-1.el5_4.ppc",
"product_id": "nss-debuginfo-0:3.12.6-1.el5_4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.12.6-1.el5_4?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "nss-devel-0:3.12.6-1.el5_4.ppc",
"product": {
"name": "nss-devel-0:3.12.6-1.el5_4.ppc",
"product_id": "nss-devel-0:3.12.6-1.el5_4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-devel@3.12.6-1.el5_4?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "nss-tools-0:3.12.6-1.el5_4.ppc",
"product": {
"name": "nss-tools-0:3.12.6-1.el5_4.ppc",
"product_id": "nss-tools-0:3.12.6-1.el5_4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools@3.12.6-1.el5_4?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "nss-0:3.12.6-1.el5_4.ppc",
"product": {
"name": "nss-0:3.12.6-1.el5_4.ppc",
"product_id": "nss-0:3.12.6-1.el5_4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.12.6-1.el5_4?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc",
"product": {
"name": "nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc",
"product_id": "nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-pkcs11-devel@3.12.6-1.el5_4?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "nspr-devel-0:4.8.4-1.1.el4_8.ppc",
"product": {
"name": "nspr-devel-0:4.8.4-1.1.el4_8.ppc",
"product_id": "nspr-devel-0:4.8.4-1.1.el4_8.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-devel@4.8.4-1.1.el4_8?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "nspr-0:4.8.4-1.1.el4_8.ppc",
"product": {
"name": "nspr-0:4.8.4-1.1.el4_8.ppc",
"product_id": "nspr-0:4.8.4-1.1.el4_8.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr@4.8.4-1.1.el4_8?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc",
"product": {
"name": "nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc",
"product_id": "nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-debuginfo@4.8.4-1.1.el4_8?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "nss-0:3.12.6-1.el4_8.ppc",
"product": {
"name": "nss-0:3.12.6-1.el4_8.ppc",
"product_id": "nss-0:3.12.6-1.el4_8.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.12.6-1.el4_8?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.12.6-1.el4_8.ppc",
"product": {
"name": "nss-debuginfo-0:3.12.6-1.el4_8.ppc",
"product_id": "nss-debuginfo-0:3.12.6-1.el4_8.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.12.6-1.el4_8?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "nss-devel-0:3.12.6-1.el4_8.ppc",
"product": {
"name": "nss-devel-0:3.12.6-1.el4_8.ppc",
"product_id": "nss-devel-0:3.12.6-1.el4_8.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-devel@3.12.6-1.el4_8?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "nss-tools-0:3.12.6-1.el4_8.ppc",
"product": {
"name": "nss-tools-0:3.12.6-1.el4_8.ppc",
"product_id": "nss-tools-0:3.12.6-1.el4_8.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools@3.12.6-1.el4_8?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "nspr-debuginfo-0:4.8.4-1.el5_4.s390x",
"product": {
"name": "nspr-debuginfo-0:4.8.4-1.el5_4.s390x",
"product_id": "nspr-debuginfo-0:4.8.4-1.el5_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-debuginfo@4.8.4-1.el5_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nspr-0:4.8.4-1.el5_4.s390x",
"product": {
"name": "nspr-0:4.8.4-1.el5_4.s390x",
"product_id": "nspr-0:4.8.4-1.el5_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr@4.8.4-1.el5_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nspr-devel-0:4.8.4-1.el5_4.s390x",
"product": {
"name": "nspr-devel-0:4.8.4-1.el5_4.s390x",
"product_id": "nspr-devel-0:4.8.4-1.el5_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-devel@4.8.4-1.el5_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.12.6-1.el5_4.s390x",
"product": {
"name": "nss-debuginfo-0:3.12.6-1.el5_4.s390x",
"product_id": "nss-debuginfo-0:3.12.6-1.el5_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.12.6-1.el5_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-devel-0:3.12.6-1.el5_4.s390x",
"product": {
"name": "nss-devel-0:3.12.6-1.el5_4.s390x",
"product_id": "nss-devel-0:3.12.6-1.el5_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-devel@3.12.6-1.el5_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-tools-0:3.12.6-1.el5_4.s390x",
"product": {
"name": "nss-tools-0:3.12.6-1.el5_4.s390x",
"product_id": "nss-tools-0:3.12.6-1.el5_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools@3.12.6-1.el5_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-0:3.12.6-1.el5_4.s390x",
"product": {
"name": "nss-0:3.12.6-1.el5_4.s390x",
"product_id": "nss-0:3.12.6-1.el5_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.12.6-1.el5_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-pkcs11-devel-0:3.12.6-1.el5_4.s390x",
"product": {
"name": "nss-pkcs11-devel-0:3.12.6-1.el5_4.s390x",
"product_id": "nss-pkcs11-devel-0:3.12.6-1.el5_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-pkcs11-devel@3.12.6-1.el5_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nspr-devel-0:4.8.4-1.1.el4_8.s390x",
"product": {
"name": "nspr-devel-0:4.8.4-1.1.el4_8.s390x",
"product_id": "nspr-devel-0:4.8.4-1.1.el4_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-devel@4.8.4-1.1.el4_8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nspr-0:4.8.4-1.1.el4_8.s390x",
"product": {
"name": "nspr-0:4.8.4-1.1.el4_8.s390x",
"product_id": "nspr-0:4.8.4-1.1.el4_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr@4.8.4-1.1.el4_8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nspr-debuginfo-0:4.8.4-1.1.el4_8.s390x",
"product": {
"name": "nspr-debuginfo-0:4.8.4-1.1.el4_8.s390x",
"product_id": "nspr-debuginfo-0:4.8.4-1.1.el4_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-debuginfo@4.8.4-1.1.el4_8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-0:3.12.6-1.el4_8.s390x",
"product": {
"name": "nss-0:3.12.6-1.el4_8.s390x",
"product_id": "nss-0:3.12.6-1.el4_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.12.6-1.el4_8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.12.6-1.el4_8.s390x",
"product": {
"name": "nss-debuginfo-0:3.12.6-1.el4_8.s390x",
"product_id": "nss-debuginfo-0:3.12.6-1.el4_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.12.6-1.el4_8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-devel-0:3.12.6-1.el4_8.s390x",
"product": {
"name": "nss-devel-0:3.12.6-1.el4_8.s390x",
"product_id": "nss-devel-0:3.12.6-1.el4_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-devel@3.12.6-1.el4_8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-tools-0:3.12.6-1.el4_8.s390x",
"product": {
"name": "nss-tools-0:3.12.6-1.el4_8.s390x",
"product_id": "nss-tools-0:3.12.6-1.el4_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools@3.12.6-1.el4_8?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nspr-debuginfo-0:4.8.4-1.el5_4.s390",
"product": {
"name": "nspr-debuginfo-0:4.8.4-1.el5_4.s390",
"product_id": "nspr-debuginfo-0:4.8.4-1.el5_4.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-debuginfo@4.8.4-1.el5_4?arch=s390"
}
}
},
{
"category": "product_version",
"name": "nspr-0:4.8.4-1.el5_4.s390",
"product": {
"name": "nspr-0:4.8.4-1.el5_4.s390",
"product_id": "nspr-0:4.8.4-1.el5_4.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr@4.8.4-1.el5_4?arch=s390"
}
}
},
{
"category": "product_version",
"name": "nspr-devel-0:4.8.4-1.el5_4.s390",
"product": {
"name": "nspr-devel-0:4.8.4-1.el5_4.s390",
"product_id": "nspr-devel-0:4.8.4-1.el5_4.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-devel@4.8.4-1.el5_4?arch=s390"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.12.6-1.el5_4.s390",
"product": {
"name": "nss-debuginfo-0:3.12.6-1.el5_4.s390",
"product_id": "nss-debuginfo-0:3.12.6-1.el5_4.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.12.6-1.el5_4?arch=s390"
}
}
},
{
"category": "product_version",
"name": "nss-devel-0:3.12.6-1.el5_4.s390",
"product": {
"name": "nss-devel-0:3.12.6-1.el5_4.s390",
"product_id": "nss-devel-0:3.12.6-1.el5_4.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-devel@3.12.6-1.el5_4?arch=s390"
}
}
},
{
"category": "product_version",
"name": "nss-0:3.12.6-1.el5_4.s390",
"product": {
"name": "nss-0:3.12.6-1.el5_4.s390",
"product_id": "nss-0:3.12.6-1.el5_4.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.12.6-1.el5_4?arch=s390"
}
}
},
{
"category": "product_version",
"name": "nss-pkcs11-devel-0:3.12.6-1.el5_4.s390",
"product": {
"name": "nss-pkcs11-devel-0:3.12.6-1.el5_4.s390",
"product_id": "nss-pkcs11-devel-0:3.12.6-1.el5_4.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-pkcs11-devel@3.12.6-1.el5_4?arch=s390"
}
}
},
{
"category": "product_version",
"name": "nspr-0:4.8.4-1.1.el4_8.s390",
"product": {
"name": "nspr-0:4.8.4-1.1.el4_8.s390",
"product_id": "nspr-0:4.8.4-1.1.el4_8.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr@4.8.4-1.1.el4_8?arch=s390"
}
}
},
{
"category": "product_version",
"name": "nspr-debuginfo-0:4.8.4-1.1.el4_8.s390",
"product": {
"name": "nspr-debuginfo-0:4.8.4-1.1.el4_8.s390",
"product_id": "nspr-debuginfo-0:4.8.4-1.1.el4_8.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-debuginfo@4.8.4-1.1.el4_8?arch=s390"
}
}
},
{
"category": "product_version",
"name": "nspr-devel-0:4.8.4-1.1.el4_8.s390",
"product": {
"name": "nspr-devel-0:4.8.4-1.1.el4_8.s390",
"product_id": "nspr-devel-0:4.8.4-1.1.el4_8.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-devel@4.8.4-1.1.el4_8?arch=s390"
}
}
},
{
"category": "product_version",
"name": "nss-0:3.12.6-1.el4_8.s390",
"product": {
"name": "nss-0:3.12.6-1.el4_8.s390",
"product_id": "nss-0:3.12.6-1.el4_8.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.12.6-1.el4_8?arch=s390"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.12.6-1.el4_8.s390",
"product": {
"name": "nss-debuginfo-0:3.12.6-1.el4_8.s390",
"product_id": "nss-debuginfo-0:3.12.6-1.el4_8.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.12.6-1.el4_8?arch=s390"
}
}
},
{
"category": "product_version",
"name": "nss-devel-0:3.12.6-1.el4_8.s390",
"product": {
"name": "nss-devel-0:3.12.6-1.el4_8.s390",
"product_id": "nss-devel-0:3.12.6-1.el4_8.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-devel@3.12.6-1.el4_8?arch=s390"
}
}
},
{
"category": "product_version",
"name": "nss-tools-0:3.12.6-1.el4_8.s390",
"product": {
"name": "nss-tools-0:3.12.6-1.el4_8.s390",
"product_id": "nss-tools-0:3.12.6-1.el4_8.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools@3.12.6-1.el4_8?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.1.el4_8.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nspr-0:4.8.4-1.1.el4_8.i386"
},
"product_reference": "nspr-0:4.8.4-1.1.el4_8.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.1.el4_8.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nspr-0:4.8.4-1.1.el4_8.ia64"
},
"product_reference": "nspr-0:4.8.4-1.1.el4_8.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.1.el4_8.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nspr-0:4.8.4-1.1.el4_8.ppc"
},
"product_reference": "nspr-0:4.8.4-1.1.el4_8.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.1.el4_8.ppc64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nspr-0:4.8.4-1.1.el4_8.ppc64"
},
"product_reference": "nspr-0:4.8.4-1.1.el4_8.ppc64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.1.el4_8.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nspr-0:4.8.4-1.1.el4_8.s390"
},
"product_reference": "nspr-0:4.8.4-1.1.el4_8.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.1.el4_8.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nspr-0:4.8.4-1.1.el4_8.s390x"
},
"product_reference": "nspr-0:4.8.4-1.1.el4_8.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.1.el4_8.src as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nspr-0:4.8.4-1.1.el4_8.src"
},
"product_reference": "nspr-0:4.8.4-1.1.el4_8.src",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.1.el4_8.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nspr-0:4.8.4-1.1.el4_8.x86_64"
},
"product_reference": "nspr-0:4.8.4-1.1.el4_8.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.1.el4_8.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nspr-debuginfo-0:4.8.4-1.1.el4_8.i386"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.1.el4_8.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.1.el4_8.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nspr-debuginfo-0:4.8.4-1.1.el4_8.ia64"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.1.el4_8.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc64"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.1.el4_8.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nspr-debuginfo-0:4.8.4-1.1.el4_8.s390"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.1.el4_8.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.1.el4_8.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nspr-debuginfo-0:4.8.4-1.1.el4_8.s390x"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.1.el4_8.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.1.el4_8.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nspr-debuginfo-0:4.8.4-1.1.el4_8.x86_64"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.1.el4_8.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.8.4-1.1.el4_8.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nspr-devel-0:4.8.4-1.1.el4_8.i386"
},
"product_reference": "nspr-devel-0:4.8.4-1.1.el4_8.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.8.4-1.1.el4_8.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nspr-devel-0:4.8.4-1.1.el4_8.ia64"
},
"product_reference": "nspr-devel-0:4.8.4-1.1.el4_8.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.8.4-1.1.el4_8.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nspr-devel-0:4.8.4-1.1.el4_8.ppc"
},
"product_reference": "nspr-devel-0:4.8.4-1.1.el4_8.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.8.4-1.1.el4_8.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nspr-devel-0:4.8.4-1.1.el4_8.s390"
},
"product_reference": "nspr-devel-0:4.8.4-1.1.el4_8.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.8.4-1.1.el4_8.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nspr-devel-0:4.8.4-1.1.el4_8.s390x"
},
"product_reference": "nspr-devel-0:4.8.4-1.1.el4_8.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.8.4-1.1.el4_8.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nspr-devel-0:4.8.4-1.1.el4_8.x86_64"
},
"product_reference": "nspr-devel-0:4.8.4-1.1.el4_8.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el4_8.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nss-0:3.12.6-1.el4_8.i386"
},
"product_reference": "nss-0:3.12.6-1.el4_8.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el4_8.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nss-0:3.12.6-1.el4_8.ia64"
},
"product_reference": "nss-0:3.12.6-1.el4_8.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el4_8.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nss-0:3.12.6-1.el4_8.ppc"
},
"product_reference": "nss-0:3.12.6-1.el4_8.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el4_8.ppc64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nss-0:3.12.6-1.el4_8.ppc64"
},
"product_reference": "nss-0:3.12.6-1.el4_8.ppc64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el4_8.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nss-0:3.12.6-1.el4_8.s390"
},
"product_reference": "nss-0:3.12.6-1.el4_8.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el4_8.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nss-0:3.12.6-1.el4_8.s390x"
},
"product_reference": "nss-0:3.12.6-1.el4_8.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el4_8.src as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nss-0:3.12.6-1.el4_8.src"
},
"product_reference": "nss-0:3.12.6-1.el4_8.src",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el4_8.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nss-0:3.12.6-1.el4_8.x86_64"
},
"product_reference": "nss-0:3.12.6-1.el4_8.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el4_8.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nss-debuginfo-0:3.12.6-1.el4_8.i386"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el4_8.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el4_8.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nss-debuginfo-0:3.12.6-1.el4_8.ia64"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el4_8.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el4_8.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nss-debuginfo-0:3.12.6-1.el4_8.ppc"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el4_8.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el4_8.ppc64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nss-debuginfo-0:3.12.6-1.el4_8.ppc64"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el4_8.ppc64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el4_8.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nss-debuginfo-0:3.12.6-1.el4_8.s390"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el4_8.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el4_8.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nss-debuginfo-0:3.12.6-1.el4_8.s390x"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el4_8.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el4_8.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nss-debuginfo-0:3.12.6-1.el4_8.x86_64"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el4_8.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.12.6-1.el4_8.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nss-devel-0:3.12.6-1.el4_8.i386"
},
"product_reference": "nss-devel-0:3.12.6-1.el4_8.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.12.6-1.el4_8.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nss-devel-0:3.12.6-1.el4_8.ia64"
},
"product_reference": "nss-devel-0:3.12.6-1.el4_8.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.12.6-1.el4_8.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nss-devel-0:3.12.6-1.el4_8.ppc"
},
"product_reference": "nss-devel-0:3.12.6-1.el4_8.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.12.6-1.el4_8.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nss-devel-0:3.12.6-1.el4_8.s390"
},
"product_reference": "nss-devel-0:3.12.6-1.el4_8.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.12.6-1.el4_8.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nss-devel-0:3.12.6-1.el4_8.s390x"
},
"product_reference": "nss-devel-0:3.12.6-1.el4_8.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.12.6-1.el4_8.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nss-devel-0:3.12.6-1.el4_8.x86_64"
},
"product_reference": "nss-devel-0:3.12.6-1.el4_8.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.12.6-1.el4_8.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nss-tools-0:3.12.6-1.el4_8.i386"
},
"product_reference": "nss-tools-0:3.12.6-1.el4_8.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.12.6-1.el4_8.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nss-tools-0:3.12.6-1.el4_8.ia64"
},
"product_reference": "nss-tools-0:3.12.6-1.el4_8.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.12.6-1.el4_8.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nss-tools-0:3.12.6-1.el4_8.ppc"
},
"product_reference": "nss-tools-0:3.12.6-1.el4_8.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.12.6-1.el4_8.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nss-tools-0:3.12.6-1.el4_8.s390"
},
"product_reference": "nss-tools-0:3.12.6-1.el4_8.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.12.6-1.el4_8.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nss-tools-0:3.12.6-1.el4_8.s390x"
},
"product_reference": "nss-tools-0:3.12.6-1.el4_8.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.12.6-1.el4_8.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:nss-tools-0:3.12.6-1.el4_8.x86_64"
},
"product_reference": "nss-tools-0:3.12.6-1.el4_8.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.1.el4_8.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nspr-0:4.8.4-1.1.el4_8.i386"
},
"product_reference": "nspr-0:4.8.4-1.1.el4_8.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.1.el4_8.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nspr-0:4.8.4-1.1.el4_8.ia64"
},
"product_reference": "nspr-0:4.8.4-1.1.el4_8.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.1.el4_8.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nspr-0:4.8.4-1.1.el4_8.ppc"
},
"product_reference": "nspr-0:4.8.4-1.1.el4_8.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.1.el4_8.ppc64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nspr-0:4.8.4-1.1.el4_8.ppc64"
},
"product_reference": "nspr-0:4.8.4-1.1.el4_8.ppc64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.1.el4_8.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nspr-0:4.8.4-1.1.el4_8.s390"
},
"product_reference": "nspr-0:4.8.4-1.1.el4_8.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.1.el4_8.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nspr-0:4.8.4-1.1.el4_8.s390x"
},
"product_reference": "nspr-0:4.8.4-1.1.el4_8.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.1.el4_8.src as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nspr-0:4.8.4-1.1.el4_8.src"
},
"product_reference": "nspr-0:4.8.4-1.1.el4_8.src",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.1.el4_8.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nspr-0:4.8.4-1.1.el4_8.x86_64"
},
"product_reference": "nspr-0:4.8.4-1.1.el4_8.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.1.el4_8.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nspr-debuginfo-0:4.8.4-1.1.el4_8.i386"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.1.el4_8.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.1.el4_8.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nspr-debuginfo-0:4.8.4-1.1.el4_8.ia64"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.1.el4_8.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc64"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.1.el4_8.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nspr-debuginfo-0:4.8.4-1.1.el4_8.s390"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.1.el4_8.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.1.el4_8.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nspr-debuginfo-0:4.8.4-1.1.el4_8.s390x"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.1.el4_8.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.1.el4_8.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nspr-debuginfo-0:4.8.4-1.1.el4_8.x86_64"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.1.el4_8.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.8.4-1.1.el4_8.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nspr-devel-0:4.8.4-1.1.el4_8.i386"
},
"product_reference": "nspr-devel-0:4.8.4-1.1.el4_8.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.8.4-1.1.el4_8.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nspr-devel-0:4.8.4-1.1.el4_8.ia64"
},
"product_reference": "nspr-devel-0:4.8.4-1.1.el4_8.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.8.4-1.1.el4_8.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nspr-devel-0:4.8.4-1.1.el4_8.ppc"
},
"product_reference": "nspr-devel-0:4.8.4-1.1.el4_8.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.8.4-1.1.el4_8.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nspr-devel-0:4.8.4-1.1.el4_8.s390"
},
"product_reference": "nspr-devel-0:4.8.4-1.1.el4_8.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.8.4-1.1.el4_8.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nspr-devel-0:4.8.4-1.1.el4_8.s390x"
},
"product_reference": "nspr-devel-0:4.8.4-1.1.el4_8.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.8.4-1.1.el4_8.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nspr-devel-0:4.8.4-1.1.el4_8.x86_64"
},
"product_reference": "nspr-devel-0:4.8.4-1.1.el4_8.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el4_8.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nss-0:3.12.6-1.el4_8.i386"
},
"product_reference": "nss-0:3.12.6-1.el4_8.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el4_8.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nss-0:3.12.6-1.el4_8.ia64"
},
"product_reference": "nss-0:3.12.6-1.el4_8.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el4_8.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nss-0:3.12.6-1.el4_8.ppc"
},
"product_reference": "nss-0:3.12.6-1.el4_8.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el4_8.ppc64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nss-0:3.12.6-1.el4_8.ppc64"
},
"product_reference": "nss-0:3.12.6-1.el4_8.ppc64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el4_8.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nss-0:3.12.6-1.el4_8.s390"
},
"product_reference": "nss-0:3.12.6-1.el4_8.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el4_8.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nss-0:3.12.6-1.el4_8.s390x"
},
"product_reference": "nss-0:3.12.6-1.el4_8.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el4_8.src as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nss-0:3.12.6-1.el4_8.src"
},
"product_reference": "nss-0:3.12.6-1.el4_8.src",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el4_8.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nss-0:3.12.6-1.el4_8.x86_64"
},
"product_reference": "nss-0:3.12.6-1.el4_8.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el4_8.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nss-debuginfo-0:3.12.6-1.el4_8.i386"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el4_8.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el4_8.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nss-debuginfo-0:3.12.6-1.el4_8.ia64"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el4_8.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el4_8.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nss-debuginfo-0:3.12.6-1.el4_8.ppc"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el4_8.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el4_8.ppc64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nss-debuginfo-0:3.12.6-1.el4_8.ppc64"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el4_8.ppc64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el4_8.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nss-debuginfo-0:3.12.6-1.el4_8.s390"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el4_8.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el4_8.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nss-debuginfo-0:3.12.6-1.el4_8.s390x"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el4_8.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el4_8.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nss-debuginfo-0:3.12.6-1.el4_8.x86_64"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el4_8.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.12.6-1.el4_8.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nss-devel-0:3.12.6-1.el4_8.i386"
},
"product_reference": "nss-devel-0:3.12.6-1.el4_8.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.12.6-1.el4_8.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nss-devel-0:3.12.6-1.el4_8.ia64"
},
"product_reference": "nss-devel-0:3.12.6-1.el4_8.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.12.6-1.el4_8.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nss-devel-0:3.12.6-1.el4_8.ppc"
},
"product_reference": "nss-devel-0:3.12.6-1.el4_8.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.12.6-1.el4_8.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nss-devel-0:3.12.6-1.el4_8.s390"
},
"product_reference": "nss-devel-0:3.12.6-1.el4_8.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.12.6-1.el4_8.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nss-devel-0:3.12.6-1.el4_8.s390x"
},
"product_reference": "nss-devel-0:3.12.6-1.el4_8.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.12.6-1.el4_8.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nss-devel-0:3.12.6-1.el4_8.x86_64"
},
"product_reference": "nss-devel-0:3.12.6-1.el4_8.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.12.6-1.el4_8.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nss-tools-0:3.12.6-1.el4_8.i386"
},
"product_reference": "nss-tools-0:3.12.6-1.el4_8.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.12.6-1.el4_8.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nss-tools-0:3.12.6-1.el4_8.ia64"
},
"product_reference": "nss-tools-0:3.12.6-1.el4_8.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.12.6-1.el4_8.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nss-tools-0:3.12.6-1.el4_8.ppc"
},
"product_reference": "nss-tools-0:3.12.6-1.el4_8.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.12.6-1.el4_8.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nss-tools-0:3.12.6-1.el4_8.s390"
},
"product_reference": "nss-tools-0:3.12.6-1.el4_8.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.12.6-1.el4_8.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nss-tools-0:3.12.6-1.el4_8.s390x"
},
"product_reference": "nss-tools-0:3.12.6-1.el4_8.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.12.6-1.el4_8.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:nss-tools-0:3.12.6-1.el4_8.x86_64"
},
"product_reference": "nss-tools-0:3.12.6-1.el4_8.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.1.el4_8.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nspr-0:4.8.4-1.1.el4_8.i386"
},
"product_reference": "nspr-0:4.8.4-1.1.el4_8.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.1.el4_8.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nspr-0:4.8.4-1.1.el4_8.ia64"
},
"product_reference": "nspr-0:4.8.4-1.1.el4_8.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.1.el4_8.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nspr-0:4.8.4-1.1.el4_8.ppc"
},
"product_reference": "nspr-0:4.8.4-1.1.el4_8.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.1.el4_8.ppc64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nspr-0:4.8.4-1.1.el4_8.ppc64"
},
"product_reference": "nspr-0:4.8.4-1.1.el4_8.ppc64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.1.el4_8.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nspr-0:4.8.4-1.1.el4_8.s390"
},
"product_reference": "nspr-0:4.8.4-1.1.el4_8.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.1.el4_8.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nspr-0:4.8.4-1.1.el4_8.s390x"
},
"product_reference": "nspr-0:4.8.4-1.1.el4_8.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.1.el4_8.src as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nspr-0:4.8.4-1.1.el4_8.src"
},
"product_reference": "nspr-0:4.8.4-1.1.el4_8.src",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.1.el4_8.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nspr-0:4.8.4-1.1.el4_8.x86_64"
},
"product_reference": "nspr-0:4.8.4-1.1.el4_8.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.1.el4_8.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nspr-debuginfo-0:4.8.4-1.1.el4_8.i386"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.1.el4_8.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.1.el4_8.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nspr-debuginfo-0:4.8.4-1.1.el4_8.ia64"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.1.el4_8.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc64"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.1.el4_8.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nspr-debuginfo-0:4.8.4-1.1.el4_8.s390"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.1.el4_8.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.1.el4_8.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nspr-debuginfo-0:4.8.4-1.1.el4_8.s390x"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.1.el4_8.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.1.el4_8.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nspr-debuginfo-0:4.8.4-1.1.el4_8.x86_64"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.1.el4_8.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.8.4-1.1.el4_8.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nspr-devel-0:4.8.4-1.1.el4_8.i386"
},
"product_reference": "nspr-devel-0:4.8.4-1.1.el4_8.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.8.4-1.1.el4_8.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nspr-devel-0:4.8.4-1.1.el4_8.ia64"
},
"product_reference": "nspr-devel-0:4.8.4-1.1.el4_8.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.8.4-1.1.el4_8.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nspr-devel-0:4.8.4-1.1.el4_8.ppc"
},
"product_reference": "nspr-devel-0:4.8.4-1.1.el4_8.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.8.4-1.1.el4_8.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nspr-devel-0:4.8.4-1.1.el4_8.s390"
},
"product_reference": "nspr-devel-0:4.8.4-1.1.el4_8.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.8.4-1.1.el4_8.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nspr-devel-0:4.8.4-1.1.el4_8.s390x"
},
"product_reference": "nspr-devel-0:4.8.4-1.1.el4_8.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.8.4-1.1.el4_8.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nspr-devel-0:4.8.4-1.1.el4_8.x86_64"
},
"product_reference": "nspr-devel-0:4.8.4-1.1.el4_8.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el4_8.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nss-0:3.12.6-1.el4_8.i386"
},
"product_reference": "nss-0:3.12.6-1.el4_8.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el4_8.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nss-0:3.12.6-1.el4_8.ia64"
},
"product_reference": "nss-0:3.12.6-1.el4_8.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el4_8.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nss-0:3.12.6-1.el4_8.ppc"
},
"product_reference": "nss-0:3.12.6-1.el4_8.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el4_8.ppc64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nss-0:3.12.6-1.el4_8.ppc64"
},
"product_reference": "nss-0:3.12.6-1.el4_8.ppc64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el4_8.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nss-0:3.12.6-1.el4_8.s390"
},
"product_reference": "nss-0:3.12.6-1.el4_8.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el4_8.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nss-0:3.12.6-1.el4_8.s390x"
},
"product_reference": "nss-0:3.12.6-1.el4_8.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el4_8.src as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nss-0:3.12.6-1.el4_8.src"
},
"product_reference": "nss-0:3.12.6-1.el4_8.src",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el4_8.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nss-0:3.12.6-1.el4_8.x86_64"
},
"product_reference": "nss-0:3.12.6-1.el4_8.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el4_8.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nss-debuginfo-0:3.12.6-1.el4_8.i386"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el4_8.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el4_8.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nss-debuginfo-0:3.12.6-1.el4_8.ia64"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el4_8.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el4_8.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nss-debuginfo-0:3.12.6-1.el4_8.ppc"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el4_8.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el4_8.ppc64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nss-debuginfo-0:3.12.6-1.el4_8.ppc64"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el4_8.ppc64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el4_8.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nss-debuginfo-0:3.12.6-1.el4_8.s390"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el4_8.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el4_8.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nss-debuginfo-0:3.12.6-1.el4_8.s390x"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el4_8.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el4_8.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nss-debuginfo-0:3.12.6-1.el4_8.x86_64"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el4_8.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.12.6-1.el4_8.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nss-devel-0:3.12.6-1.el4_8.i386"
},
"product_reference": "nss-devel-0:3.12.6-1.el4_8.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.12.6-1.el4_8.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nss-devel-0:3.12.6-1.el4_8.ia64"
},
"product_reference": "nss-devel-0:3.12.6-1.el4_8.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.12.6-1.el4_8.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nss-devel-0:3.12.6-1.el4_8.ppc"
},
"product_reference": "nss-devel-0:3.12.6-1.el4_8.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.12.6-1.el4_8.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nss-devel-0:3.12.6-1.el4_8.s390"
},
"product_reference": "nss-devel-0:3.12.6-1.el4_8.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.12.6-1.el4_8.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nss-devel-0:3.12.6-1.el4_8.s390x"
},
"product_reference": "nss-devel-0:3.12.6-1.el4_8.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.12.6-1.el4_8.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nss-devel-0:3.12.6-1.el4_8.x86_64"
},
"product_reference": "nss-devel-0:3.12.6-1.el4_8.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.12.6-1.el4_8.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nss-tools-0:3.12.6-1.el4_8.i386"
},
"product_reference": "nss-tools-0:3.12.6-1.el4_8.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.12.6-1.el4_8.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nss-tools-0:3.12.6-1.el4_8.ia64"
},
"product_reference": "nss-tools-0:3.12.6-1.el4_8.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.12.6-1.el4_8.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nss-tools-0:3.12.6-1.el4_8.ppc"
},
"product_reference": "nss-tools-0:3.12.6-1.el4_8.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.12.6-1.el4_8.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nss-tools-0:3.12.6-1.el4_8.s390"
},
"product_reference": "nss-tools-0:3.12.6-1.el4_8.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.12.6-1.el4_8.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nss-tools-0:3.12.6-1.el4_8.s390x"
},
"product_reference": "nss-tools-0:3.12.6-1.el4_8.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.12.6-1.el4_8.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:nss-tools-0:3.12.6-1.el4_8.x86_64"
},
"product_reference": "nss-tools-0:3.12.6-1.el4_8.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.1.el4_8.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nspr-0:4.8.4-1.1.el4_8.i386"
},
"product_reference": "nspr-0:4.8.4-1.1.el4_8.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.1.el4_8.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nspr-0:4.8.4-1.1.el4_8.ia64"
},
"product_reference": "nspr-0:4.8.4-1.1.el4_8.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.1.el4_8.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nspr-0:4.8.4-1.1.el4_8.ppc"
},
"product_reference": "nspr-0:4.8.4-1.1.el4_8.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.1.el4_8.ppc64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nspr-0:4.8.4-1.1.el4_8.ppc64"
},
"product_reference": "nspr-0:4.8.4-1.1.el4_8.ppc64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.1.el4_8.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nspr-0:4.8.4-1.1.el4_8.s390"
},
"product_reference": "nspr-0:4.8.4-1.1.el4_8.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.1.el4_8.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nspr-0:4.8.4-1.1.el4_8.s390x"
},
"product_reference": "nspr-0:4.8.4-1.1.el4_8.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.1.el4_8.src as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nspr-0:4.8.4-1.1.el4_8.src"
},
"product_reference": "nspr-0:4.8.4-1.1.el4_8.src",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.1.el4_8.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nspr-0:4.8.4-1.1.el4_8.x86_64"
},
"product_reference": "nspr-0:4.8.4-1.1.el4_8.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.1.el4_8.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nspr-debuginfo-0:4.8.4-1.1.el4_8.i386"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.1.el4_8.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.1.el4_8.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nspr-debuginfo-0:4.8.4-1.1.el4_8.ia64"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.1.el4_8.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc64"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.1.el4_8.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nspr-debuginfo-0:4.8.4-1.1.el4_8.s390"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.1.el4_8.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.1.el4_8.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nspr-debuginfo-0:4.8.4-1.1.el4_8.s390x"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.1.el4_8.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.1.el4_8.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nspr-debuginfo-0:4.8.4-1.1.el4_8.x86_64"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.1.el4_8.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.8.4-1.1.el4_8.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nspr-devel-0:4.8.4-1.1.el4_8.i386"
},
"product_reference": "nspr-devel-0:4.8.4-1.1.el4_8.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.8.4-1.1.el4_8.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nspr-devel-0:4.8.4-1.1.el4_8.ia64"
},
"product_reference": "nspr-devel-0:4.8.4-1.1.el4_8.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.8.4-1.1.el4_8.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nspr-devel-0:4.8.4-1.1.el4_8.ppc"
},
"product_reference": "nspr-devel-0:4.8.4-1.1.el4_8.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.8.4-1.1.el4_8.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nspr-devel-0:4.8.4-1.1.el4_8.s390"
},
"product_reference": "nspr-devel-0:4.8.4-1.1.el4_8.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.8.4-1.1.el4_8.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nspr-devel-0:4.8.4-1.1.el4_8.s390x"
},
"product_reference": "nspr-devel-0:4.8.4-1.1.el4_8.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.8.4-1.1.el4_8.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nspr-devel-0:4.8.4-1.1.el4_8.x86_64"
},
"product_reference": "nspr-devel-0:4.8.4-1.1.el4_8.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el4_8.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nss-0:3.12.6-1.el4_8.i386"
},
"product_reference": "nss-0:3.12.6-1.el4_8.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el4_8.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nss-0:3.12.6-1.el4_8.ia64"
},
"product_reference": "nss-0:3.12.6-1.el4_8.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el4_8.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nss-0:3.12.6-1.el4_8.ppc"
},
"product_reference": "nss-0:3.12.6-1.el4_8.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el4_8.ppc64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nss-0:3.12.6-1.el4_8.ppc64"
},
"product_reference": "nss-0:3.12.6-1.el4_8.ppc64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el4_8.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nss-0:3.12.6-1.el4_8.s390"
},
"product_reference": "nss-0:3.12.6-1.el4_8.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el4_8.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nss-0:3.12.6-1.el4_8.s390x"
},
"product_reference": "nss-0:3.12.6-1.el4_8.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el4_8.src as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nss-0:3.12.6-1.el4_8.src"
},
"product_reference": "nss-0:3.12.6-1.el4_8.src",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el4_8.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nss-0:3.12.6-1.el4_8.x86_64"
},
"product_reference": "nss-0:3.12.6-1.el4_8.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el4_8.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nss-debuginfo-0:3.12.6-1.el4_8.i386"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el4_8.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el4_8.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nss-debuginfo-0:3.12.6-1.el4_8.ia64"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el4_8.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el4_8.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nss-debuginfo-0:3.12.6-1.el4_8.ppc"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el4_8.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el4_8.ppc64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nss-debuginfo-0:3.12.6-1.el4_8.ppc64"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el4_8.ppc64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el4_8.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nss-debuginfo-0:3.12.6-1.el4_8.s390"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el4_8.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el4_8.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nss-debuginfo-0:3.12.6-1.el4_8.s390x"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el4_8.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el4_8.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nss-debuginfo-0:3.12.6-1.el4_8.x86_64"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el4_8.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.12.6-1.el4_8.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nss-devel-0:3.12.6-1.el4_8.i386"
},
"product_reference": "nss-devel-0:3.12.6-1.el4_8.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.12.6-1.el4_8.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nss-devel-0:3.12.6-1.el4_8.ia64"
},
"product_reference": "nss-devel-0:3.12.6-1.el4_8.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.12.6-1.el4_8.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nss-devel-0:3.12.6-1.el4_8.ppc"
},
"product_reference": "nss-devel-0:3.12.6-1.el4_8.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.12.6-1.el4_8.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nss-devel-0:3.12.6-1.el4_8.s390"
},
"product_reference": "nss-devel-0:3.12.6-1.el4_8.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.12.6-1.el4_8.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nss-devel-0:3.12.6-1.el4_8.s390x"
},
"product_reference": "nss-devel-0:3.12.6-1.el4_8.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.12.6-1.el4_8.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nss-devel-0:3.12.6-1.el4_8.x86_64"
},
"product_reference": "nss-devel-0:3.12.6-1.el4_8.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.12.6-1.el4_8.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nss-tools-0:3.12.6-1.el4_8.i386"
},
"product_reference": "nss-tools-0:3.12.6-1.el4_8.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.12.6-1.el4_8.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nss-tools-0:3.12.6-1.el4_8.ia64"
},
"product_reference": "nss-tools-0:3.12.6-1.el4_8.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.12.6-1.el4_8.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nss-tools-0:3.12.6-1.el4_8.ppc"
},
"product_reference": "nss-tools-0:3.12.6-1.el4_8.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.12.6-1.el4_8.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nss-tools-0:3.12.6-1.el4_8.s390"
},
"product_reference": "nss-tools-0:3.12.6-1.el4_8.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.12.6-1.el4_8.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nss-tools-0:3.12.6-1.el4_8.s390x"
},
"product_reference": "nss-tools-0:3.12.6-1.el4_8.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.12.6-1.el4_8.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:nss-tools-0:3.12.6-1.el4_8.x86_64"
},
"product_reference": "nss-tools-0:3.12.6-1.el4_8.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.el5_4.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nspr-0:4.8.4-1.el5_4.i386"
},
"product_reference": "nspr-0:4.8.4-1.el5_4.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.el5_4.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nspr-0:4.8.4-1.el5_4.ia64"
},
"product_reference": "nspr-0:4.8.4-1.el5_4.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.el5_4.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nspr-0:4.8.4-1.el5_4.ppc"
},
"product_reference": "nspr-0:4.8.4-1.el5_4.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.el5_4.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nspr-0:4.8.4-1.el5_4.ppc64"
},
"product_reference": "nspr-0:4.8.4-1.el5_4.ppc64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.el5_4.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nspr-0:4.8.4-1.el5_4.s390"
},
"product_reference": "nspr-0:4.8.4-1.el5_4.s390",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.el5_4.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nspr-0:4.8.4-1.el5_4.s390x"
},
"product_reference": "nspr-0:4.8.4-1.el5_4.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.el5_4.src as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nspr-0:4.8.4-1.el5_4.src"
},
"product_reference": "nspr-0:4.8.4-1.el5_4.src",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.el5_4.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nspr-0:4.8.4-1.el5_4.x86_64"
},
"product_reference": "nspr-0:4.8.4-1.el5_4.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.el5_4.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nspr-debuginfo-0:4.8.4-1.el5_4.i386"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.el5_4.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.el5_4.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nspr-debuginfo-0:4.8.4-1.el5_4.ia64"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.el5_4.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.el5_4.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nspr-debuginfo-0:4.8.4-1.el5_4.ppc"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.el5_4.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.el5_4.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nspr-debuginfo-0:4.8.4-1.el5_4.ppc64"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.el5_4.ppc64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.el5_4.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nspr-debuginfo-0:4.8.4-1.el5_4.s390"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.el5_4.s390",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.el5_4.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nspr-debuginfo-0:4.8.4-1.el5_4.s390x"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.el5_4.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.el5_4.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nspr-debuginfo-0:4.8.4-1.el5_4.x86_64"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.el5_4.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.8.4-1.el5_4.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nspr-devel-0:4.8.4-1.el5_4.i386"
},
"product_reference": "nspr-devel-0:4.8.4-1.el5_4.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.8.4-1.el5_4.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nspr-devel-0:4.8.4-1.el5_4.ia64"
},
"product_reference": "nspr-devel-0:4.8.4-1.el5_4.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.8.4-1.el5_4.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nspr-devel-0:4.8.4-1.el5_4.ppc"
},
"product_reference": "nspr-devel-0:4.8.4-1.el5_4.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.8.4-1.el5_4.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nspr-devel-0:4.8.4-1.el5_4.ppc64"
},
"product_reference": "nspr-devel-0:4.8.4-1.el5_4.ppc64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.8.4-1.el5_4.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nspr-devel-0:4.8.4-1.el5_4.s390"
},
"product_reference": "nspr-devel-0:4.8.4-1.el5_4.s390",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.8.4-1.el5_4.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nspr-devel-0:4.8.4-1.el5_4.s390x"
},
"product_reference": "nspr-devel-0:4.8.4-1.el5_4.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.8.4-1.el5_4.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nspr-devel-0:4.8.4-1.el5_4.x86_64"
},
"product_reference": "nspr-devel-0:4.8.4-1.el5_4.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el5_4.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nss-0:3.12.6-1.el5_4.i386"
},
"product_reference": "nss-0:3.12.6-1.el5_4.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el5_4.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nss-0:3.12.6-1.el5_4.ia64"
},
"product_reference": "nss-0:3.12.6-1.el5_4.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el5_4.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nss-0:3.12.6-1.el5_4.ppc"
},
"product_reference": "nss-0:3.12.6-1.el5_4.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el5_4.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nss-0:3.12.6-1.el5_4.ppc64"
},
"product_reference": "nss-0:3.12.6-1.el5_4.ppc64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el5_4.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nss-0:3.12.6-1.el5_4.s390"
},
"product_reference": "nss-0:3.12.6-1.el5_4.s390",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el5_4.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nss-0:3.12.6-1.el5_4.s390x"
},
"product_reference": "nss-0:3.12.6-1.el5_4.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el5_4.src as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nss-0:3.12.6-1.el5_4.src"
},
"product_reference": "nss-0:3.12.6-1.el5_4.src",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el5_4.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nss-0:3.12.6-1.el5_4.x86_64"
},
"product_reference": "nss-0:3.12.6-1.el5_4.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el5_4.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nss-debuginfo-0:3.12.6-1.el5_4.i386"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el5_4.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el5_4.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nss-debuginfo-0:3.12.6-1.el5_4.ia64"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el5_4.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el5_4.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nss-debuginfo-0:3.12.6-1.el5_4.ppc"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el5_4.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el5_4.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nss-debuginfo-0:3.12.6-1.el5_4.ppc64"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el5_4.ppc64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el5_4.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nss-debuginfo-0:3.12.6-1.el5_4.s390"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el5_4.s390",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el5_4.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nss-debuginfo-0:3.12.6-1.el5_4.s390x"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el5_4.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el5_4.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nss-debuginfo-0:3.12.6-1.el5_4.x86_64"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el5_4.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.12.6-1.el5_4.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nss-devel-0:3.12.6-1.el5_4.i386"
},
"product_reference": "nss-devel-0:3.12.6-1.el5_4.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.12.6-1.el5_4.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nss-devel-0:3.12.6-1.el5_4.ia64"
},
"product_reference": "nss-devel-0:3.12.6-1.el5_4.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.12.6-1.el5_4.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nss-devel-0:3.12.6-1.el5_4.ppc"
},
"product_reference": "nss-devel-0:3.12.6-1.el5_4.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.12.6-1.el5_4.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nss-devel-0:3.12.6-1.el5_4.ppc64"
},
"product_reference": "nss-devel-0:3.12.6-1.el5_4.ppc64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.12.6-1.el5_4.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nss-devel-0:3.12.6-1.el5_4.s390"
},
"product_reference": "nss-devel-0:3.12.6-1.el5_4.s390",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.12.6-1.el5_4.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nss-devel-0:3.12.6-1.el5_4.s390x"
},
"product_reference": "nss-devel-0:3.12.6-1.el5_4.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.12.6-1.el5_4.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nss-devel-0:3.12.6-1.el5_4.x86_64"
},
"product_reference": "nss-devel-0:3.12.6-1.el5_4.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-pkcs11-devel-0:3.12.6-1.el5_4.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nss-pkcs11-devel-0:3.12.6-1.el5_4.i386"
},
"product_reference": "nss-pkcs11-devel-0:3.12.6-1.el5_4.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-pkcs11-devel-0:3.12.6-1.el5_4.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nss-pkcs11-devel-0:3.12.6-1.el5_4.ia64"
},
"product_reference": "nss-pkcs11-devel-0:3.12.6-1.el5_4.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc"
},
"product_reference": "nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc64"
},
"product_reference": "nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-pkcs11-devel-0:3.12.6-1.el5_4.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nss-pkcs11-devel-0:3.12.6-1.el5_4.s390"
},
"product_reference": "nss-pkcs11-devel-0:3.12.6-1.el5_4.s390",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-pkcs11-devel-0:3.12.6-1.el5_4.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nss-pkcs11-devel-0:3.12.6-1.el5_4.s390x"
},
"product_reference": "nss-pkcs11-devel-0:3.12.6-1.el5_4.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-pkcs11-devel-0:3.12.6-1.el5_4.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nss-pkcs11-devel-0:3.12.6-1.el5_4.x86_64"
},
"product_reference": "nss-pkcs11-devel-0:3.12.6-1.el5_4.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.12.6-1.el5_4.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nss-tools-0:3.12.6-1.el5_4.i386"
},
"product_reference": "nss-tools-0:3.12.6-1.el5_4.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.12.6-1.el5_4.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nss-tools-0:3.12.6-1.el5_4.ia64"
},
"product_reference": "nss-tools-0:3.12.6-1.el5_4.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.12.6-1.el5_4.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nss-tools-0:3.12.6-1.el5_4.ppc"
},
"product_reference": "nss-tools-0:3.12.6-1.el5_4.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.12.6-1.el5_4.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nss-tools-0:3.12.6-1.el5_4.s390x"
},
"product_reference": "nss-tools-0:3.12.6-1.el5_4.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.12.6-1.el5_4.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:nss-tools-0:3.12.6-1.el5_4.x86_64"
},
"product_reference": "nss-tools-0:3.12.6-1.el5_4.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.el5_4.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nspr-0:4.8.4-1.el5_4.i386"
},
"product_reference": "nspr-0:4.8.4-1.el5_4.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.el5_4.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nspr-0:4.8.4-1.el5_4.ia64"
},
"product_reference": "nspr-0:4.8.4-1.el5_4.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.el5_4.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nspr-0:4.8.4-1.el5_4.ppc"
},
"product_reference": "nspr-0:4.8.4-1.el5_4.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.el5_4.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nspr-0:4.8.4-1.el5_4.ppc64"
},
"product_reference": "nspr-0:4.8.4-1.el5_4.ppc64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.el5_4.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nspr-0:4.8.4-1.el5_4.s390"
},
"product_reference": "nspr-0:4.8.4-1.el5_4.s390",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.el5_4.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nspr-0:4.8.4-1.el5_4.s390x"
},
"product_reference": "nspr-0:4.8.4-1.el5_4.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.el5_4.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nspr-0:4.8.4-1.el5_4.src"
},
"product_reference": "nspr-0:4.8.4-1.el5_4.src",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.el5_4.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nspr-0:4.8.4-1.el5_4.x86_64"
},
"product_reference": "nspr-0:4.8.4-1.el5_4.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.el5_4.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nspr-debuginfo-0:4.8.4-1.el5_4.i386"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.el5_4.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.el5_4.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nspr-debuginfo-0:4.8.4-1.el5_4.ia64"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.el5_4.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.el5_4.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nspr-debuginfo-0:4.8.4-1.el5_4.ppc"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.el5_4.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.el5_4.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nspr-debuginfo-0:4.8.4-1.el5_4.ppc64"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.el5_4.ppc64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.el5_4.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nspr-debuginfo-0:4.8.4-1.el5_4.s390"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.el5_4.s390",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.el5_4.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nspr-debuginfo-0:4.8.4-1.el5_4.s390x"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.el5_4.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.el5_4.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nspr-debuginfo-0:4.8.4-1.el5_4.x86_64"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.el5_4.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.8.4-1.el5_4.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nspr-devel-0:4.8.4-1.el5_4.i386"
},
"product_reference": "nspr-devel-0:4.8.4-1.el5_4.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.8.4-1.el5_4.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nspr-devel-0:4.8.4-1.el5_4.ia64"
},
"product_reference": "nspr-devel-0:4.8.4-1.el5_4.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.8.4-1.el5_4.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nspr-devel-0:4.8.4-1.el5_4.ppc"
},
"product_reference": "nspr-devel-0:4.8.4-1.el5_4.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.8.4-1.el5_4.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nspr-devel-0:4.8.4-1.el5_4.ppc64"
},
"product_reference": "nspr-devel-0:4.8.4-1.el5_4.ppc64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.8.4-1.el5_4.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nspr-devel-0:4.8.4-1.el5_4.s390"
},
"product_reference": "nspr-devel-0:4.8.4-1.el5_4.s390",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.8.4-1.el5_4.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nspr-devel-0:4.8.4-1.el5_4.s390x"
},
"product_reference": "nspr-devel-0:4.8.4-1.el5_4.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.8.4-1.el5_4.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nspr-devel-0:4.8.4-1.el5_4.x86_64"
},
"product_reference": "nspr-devel-0:4.8.4-1.el5_4.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el5_4.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nss-0:3.12.6-1.el5_4.i386"
},
"product_reference": "nss-0:3.12.6-1.el5_4.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el5_4.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nss-0:3.12.6-1.el5_4.ia64"
},
"product_reference": "nss-0:3.12.6-1.el5_4.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el5_4.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nss-0:3.12.6-1.el5_4.ppc"
},
"product_reference": "nss-0:3.12.6-1.el5_4.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el5_4.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nss-0:3.12.6-1.el5_4.ppc64"
},
"product_reference": "nss-0:3.12.6-1.el5_4.ppc64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el5_4.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nss-0:3.12.6-1.el5_4.s390"
},
"product_reference": "nss-0:3.12.6-1.el5_4.s390",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el5_4.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nss-0:3.12.6-1.el5_4.s390x"
},
"product_reference": "nss-0:3.12.6-1.el5_4.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el5_4.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nss-0:3.12.6-1.el5_4.src"
},
"product_reference": "nss-0:3.12.6-1.el5_4.src",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el5_4.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nss-0:3.12.6-1.el5_4.x86_64"
},
"product_reference": "nss-0:3.12.6-1.el5_4.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el5_4.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nss-debuginfo-0:3.12.6-1.el5_4.i386"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el5_4.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el5_4.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nss-debuginfo-0:3.12.6-1.el5_4.ia64"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el5_4.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el5_4.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nss-debuginfo-0:3.12.6-1.el5_4.ppc"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el5_4.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el5_4.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nss-debuginfo-0:3.12.6-1.el5_4.ppc64"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el5_4.ppc64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el5_4.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nss-debuginfo-0:3.12.6-1.el5_4.s390"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el5_4.s390",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el5_4.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nss-debuginfo-0:3.12.6-1.el5_4.s390x"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el5_4.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el5_4.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nss-debuginfo-0:3.12.6-1.el5_4.x86_64"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el5_4.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.12.6-1.el5_4.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nss-devel-0:3.12.6-1.el5_4.i386"
},
"product_reference": "nss-devel-0:3.12.6-1.el5_4.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.12.6-1.el5_4.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nss-devel-0:3.12.6-1.el5_4.ia64"
},
"product_reference": "nss-devel-0:3.12.6-1.el5_4.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.12.6-1.el5_4.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nss-devel-0:3.12.6-1.el5_4.ppc"
},
"product_reference": "nss-devel-0:3.12.6-1.el5_4.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.12.6-1.el5_4.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nss-devel-0:3.12.6-1.el5_4.ppc64"
},
"product_reference": "nss-devel-0:3.12.6-1.el5_4.ppc64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.12.6-1.el5_4.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nss-devel-0:3.12.6-1.el5_4.s390"
},
"product_reference": "nss-devel-0:3.12.6-1.el5_4.s390",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.12.6-1.el5_4.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nss-devel-0:3.12.6-1.el5_4.s390x"
},
"product_reference": "nss-devel-0:3.12.6-1.el5_4.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.12.6-1.el5_4.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nss-devel-0:3.12.6-1.el5_4.x86_64"
},
"product_reference": "nss-devel-0:3.12.6-1.el5_4.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-pkcs11-devel-0:3.12.6-1.el5_4.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nss-pkcs11-devel-0:3.12.6-1.el5_4.i386"
},
"product_reference": "nss-pkcs11-devel-0:3.12.6-1.el5_4.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-pkcs11-devel-0:3.12.6-1.el5_4.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nss-pkcs11-devel-0:3.12.6-1.el5_4.ia64"
},
"product_reference": "nss-pkcs11-devel-0:3.12.6-1.el5_4.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc"
},
"product_reference": "nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc64"
},
"product_reference": "nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-pkcs11-devel-0:3.12.6-1.el5_4.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nss-pkcs11-devel-0:3.12.6-1.el5_4.s390"
},
"product_reference": "nss-pkcs11-devel-0:3.12.6-1.el5_4.s390",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-pkcs11-devel-0:3.12.6-1.el5_4.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nss-pkcs11-devel-0:3.12.6-1.el5_4.s390x"
},
"product_reference": "nss-pkcs11-devel-0:3.12.6-1.el5_4.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-pkcs11-devel-0:3.12.6-1.el5_4.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nss-pkcs11-devel-0:3.12.6-1.el5_4.x86_64"
},
"product_reference": "nss-pkcs11-devel-0:3.12.6-1.el5_4.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.12.6-1.el5_4.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nss-tools-0:3.12.6-1.el5_4.i386"
},
"product_reference": "nss-tools-0:3.12.6-1.el5_4.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.12.6-1.el5_4.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nss-tools-0:3.12.6-1.el5_4.ia64"
},
"product_reference": "nss-tools-0:3.12.6-1.el5_4.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.12.6-1.el5_4.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nss-tools-0:3.12.6-1.el5_4.ppc"
},
"product_reference": "nss-tools-0:3.12.6-1.el5_4.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.12.6-1.el5_4.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nss-tools-0:3.12.6-1.el5_4.s390x"
},
"product_reference": "nss-tools-0:3.12.6-1.el5_4.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.12.6-1.el5_4.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:nss-tools-0:3.12.6-1.el5_4.x86_64"
},
"product_reference": "nss-tools-0:3.12.6-1.el5_4.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.el5_4.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nspr-0:4.8.4-1.el5_4.i386"
},
"product_reference": "nspr-0:4.8.4-1.el5_4.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.el5_4.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nspr-0:4.8.4-1.el5_4.ia64"
},
"product_reference": "nspr-0:4.8.4-1.el5_4.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.el5_4.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nspr-0:4.8.4-1.el5_4.ppc"
},
"product_reference": "nspr-0:4.8.4-1.el5_4.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.el5_4.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nspr-0:4.8.4-1.el5_4.ppc64"
},
"product_reference": "nspr-0:4.8.4-1.el5_4.ppc64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.el5_4.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nspr-0:4.8.4-1.el5_4.s390"
},
"product_reference": "nspr-0:4.8.4-1.el5_4.s390",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.el5_4.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nspr-0:4.8.4-1.el5_4.s390x"
},
"product_reference": "nspr-0:4.8.4-1.el5_4.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.el5_4.src as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nspr-0:4.8.4-1.el5_4.src"
},
"product_reference": "nspr-0:4.8.4-1.el5_4.src",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.8.4-1.el5_4.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nspr-0:4.8.4-1.el5_4.x86_64"
},
"product_reference": "nspr-0:4.8.4-1.el5_4.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.el5_4.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nspr-debuginfo-0:4.8.4-1.el5_4.i386"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.el5_4.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.el5_4.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nspr-debuginfo-0:4.8.4-1.el5_4.ia64"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.el5_4.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.el5_4.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nspr-debuginfo-0:4.8.4-1.el5_4.ppc"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.el5_4.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.el5_4.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nspr-debuginfo-0:4.8.4-1.el5_4.ppc64"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.el5_4.ppc64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.el5_4.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nspr-debuginfo-0:4.8.4-1.el5_4.s390"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.el5_4.s390",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.el5_4.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nspr-debuginfo-0:4.8.4-1.el5_4.s390x"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.el5_4.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.8.4-1.el5_4.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nspr-debuginfo-0:4.8.4-1.el5_4.x86_64"
},
"product_reference": "nspr-debuginfo-0:4.8.4-1.el5_4.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.8.4-1.el5_4.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nspr-devel-0:4.8.4-1.el5_4.i386"
},
"product_reference": "nspr-devel-0:4.8.4-1.el5_4.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.8.4-1.el5_4.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nspr-devel-0:4.8.4-1.el5_4.ia64"
},
"product_reference": "nspr-devel-0:4.8.4-1.el5_4.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.8.4-1.el5_4.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nspr-devel-0:4.8.4-1.el5_4.ppc"
},
"product_reference": "nspr-devel-0:4.8.4-1.el5_4.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.8.4-1.el5_4.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nspr-devel-0:4.8.4-1.el5_4.ppc64"
},
"product_reference": "nspr-devel-0:4.8.4-1.el5_4.ppc64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.8.4-1.el5_4.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nspr-devel-0:4.8.4-1.el5_4.s390"
},
"product_reference": "nspr-devel-0:4.8.4-1.el5_4.s390",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.8.4-1.el5_4.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nspr-devel-0:4.8.4-1.el5_4.s390x"
},
"product_reference": "nspr-devel-0:4.8.4-1.el5_4.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.8.4-1.el5_4.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nspr-devel-0:4.8.4-1.el5_4.x86_64"
},
"product_reference": "nspr-devel-0:4.8.4-1.el5_4.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el5_4.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nss-0:3.12.6-1.el5_4.i386"
},
"product_reference": "nss-0:3.12.6-1.el5_4.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el5_4.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nss-0:3.12.6-1.el5_4.ia64"
},
"product_reference": "nss-0:3.12.6-1.el5_4.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el5_4.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nss-0:3.12.6-1.el5_4.ppc"
},
"product_reference": "nss-0:3.12.6-1.el5_4.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el5_4.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nss-0:3.12.6-1.el5_4.ppc64"
},
"product_reference": "nss-0:3.12.6-1.el5_4.ppc64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el5_4.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nss-0:3.12.6-1.el5_4.s390"
},
"product_reference": "nss-0:3.12.6-1.el5_4.s390",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el5_4.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nss-0:3.12.6-1.el5_4.s390x"
},
"product_reference": "nss-0:3.12.6-1.el5_4.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el5_4.src as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nss-0:3.12.6-1.el5_4.src"
},
"product_reference": "nss-0:3.12.6-1.el5_4.src",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.12.6-1.el5_4.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nss-0:3.12.6-1.el5_4.x86_64"
},
"product_reference": "nss-0:3.12.6-1.el5_4.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el5_4.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nss-debuginfo-0:3.12.6-1.el5_4.i386"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el5_4.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el5_4.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nss-debuginfo-0:3.12.6-1.el5_4.ia64"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el5_4.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el5_4.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nss-debuginfo-0:3.12.6-1.el5_4.ppc"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el5_4.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el5_4.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nss-debuginfo-0:3.12.6-1.el5_4.ppc64"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el5_4.ppc64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el5_4.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nss-debuginfo-0:3.12.6-1.el5_4.s390"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el5_4.s390",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el5_4.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nss-debuginfo-0:3.12.6-1.el5_4.s390x"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el5_4.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.12.6-1.el5_4.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nss-debuginfo-0:3.12.6-1.el5_4.x86_64"
},
"product_reference": "nss-debuginfo-0:3.12.6-1.el5_4.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.12.6-1.el5_4.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nss-devel-0:3.12.6-1.el5_4.i386"
},
"product_reference": "nss-devel-0:3.12.6-1.el5_4.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.12.6-1.el5_4.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nss-devel-0:3.12.6-1.el5_4.ia64"
},
"product_reference": "nss-devel-0:3.12.6-1.el5_4.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.12.6-1.el5_4.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nss-devel-0:3.12.6-1.el5_4.ppc"
},
"product_reference": "nss-devel-0:3.12.6-1.el5_4.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.12.6-1.el5_4.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nss-devel-0:3.12.6-1.el5_4.ppc64"
},
"product_reference": "nss-devel-0:3.12.6-1.el5_4.ppc64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.12.6-1.el5_4.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nss-devel-0:3.12.6-1.el5_4.s390"
},
"product_reference": "nss-devel-0:3.12.6-1.el5_4.s390",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.12.6-1.el5_4.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nss-devel-0:3.12.6-1.el5_4.s390x"
},
"product_reference": "nss-devel-0:3.12.6-1.el5_4.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.12.6-1.el5_4.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nss-devel-0:3.12.6-1.el5_4.x86_64"
},
"product_reference": "nss-devel-0:3.12.6-1.el5_4.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-pkcs11-devel-0:3.12.6-1.el5_4.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nss-pkcs11-devel-0:3.12.6-1.el5_4.i386"
},
"product_reference": "nss-pkcs11-devel-0:3.12.6-1.el5_4.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-pkcs11-devel-0:3.12.6-1.el5_4.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nss-pkcs11-devel-0:3.12.6-1.el5_4.ia64"
},
"product_reference": "nss-pkcs11-devel-0:3.12.6-1.el5_4.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc"
},
"product_reference": "nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc64"
},
"product_reference": "nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-pkcs11-devel-0:3.12.6-1.el5_4.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nss-pkcs11-devel-0:3.12.6-1.el5_4.s390"
},
"product_reference": "nss-pkcs11-devel-0:3.12.6-1.el5_4.s390",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-pkcs11-devel-0:3.12.6-1.el5_4.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nss-pkcs11-devel-0:3.12.6-1.el5_4.s390x"
},
"product_reference": "nss-pkcs11-devel-0:3.12.6-1.el5_4.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-pkcs11-devel-0:3.12.6-1.el5_4.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nss-pkcs11-devel-0:3.12.6-1.el5_4.x86_64"
},
"product_reference": "nss-pkcs11-devel-0:3.12.6-1.el5_4.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.12.6-1.el5_4.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nss-tools-0:3.12.6-1.el5_4.i386"
},
"product_reference": "nss-tools-0:3.12.6-1.el5_4.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.12.6-1.el5_4.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nss-tools-0:3.12.6-1.el5_4.ia64"
},
"product_reference": "nss-tools-0:3.12.6-1.el5_4.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.12.6-1.el5_4.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nss-tools-0:3.12.6-1.el5_4.ppc"
},
"product_reference": "nss-tools-0:3.12.6-1.el5_4.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.12.6-1.el5_4.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nss-tools-0:3.12.6-1.el5_4.s390x"
},
"product_reference": "nss-tools-0:3.12.6-1.el5_4.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.12.6-1.el5_4.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:nss-tools-0:3.12.6-1.el5_4.x86_64"
},
"product_reference": "nss-tools-0:3.12.6-1.el5_4.x86_64",
"relates_to_product_reference": "5Server"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2009-3555",
"cwe": {
"id": "CWE-300",
"name": "Channel Accessible by Non-Endpoint"
},
"discovery_date": "2009-10-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "533125"
}
],
"notes": [
{
"category": "description",
"text": "The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a \"plaintext injection\" attack, aka the \"Project Mogul\" issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "TLS: MITM attacks via session renegotiation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Additional information can be found in the Red Hat Knowledgebase article:\nhttps://access.redhat.com/articles/20490",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS:nspr-0:4.8.4-1.1.el4_8.i386",
"4AS:nspr-0:4.8.4-1.1.el4_8.ia64",
"4AS:nspr-0:4.8.4-1.1.el4_8.ppc",
"4AS:nspr-0:4.8.4-1.1.el4_8.ppc64",
"4AS:nspr-0:4.8.4-1.1.el4_8.s390",
"4AS:nspr-0:4.8.4-1.1.el4_8.s390x",
"4AS:nspr-0:4.8.4-1.1.el4_8.src",
"4AS:nspr-0:4.8.4-1.1.el4_8.x86_64",
"4AS:nspr-debuginfo-0:4.8.4-1.1.el4_8.i386",
"4AS:nspr-debuginfo-0:4.8.4-1.1.el4_8.ia64",
"4AS:nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc",
"4AS:nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc64",
"4AS:nspr-debuginfo-0:4.8.4-1.1.el4_8.s390",
"4AS:nspr-debuginfo-0:4.8.4-1.1.el4_8.s390x",
"4AS:nspr-debuginfo-0:4.8.4-1.1.el4_8.x86_64",
"4AS:nspr-devel-0:4.8.4-1.1.el4_8.i386",
"4AS:nspr-devel-0:4.8.4-1.1.el4_8.ia64",
"4AS:nspr-devel-0:4.8.4-1.1.el4_8.ppc",
"4AS:nspr-devel-0:4.8.4-1.1.el4_8.s390",
"4AS:nspr-devel-0:4.8.4-1.1.el4_8.s390x",
"4AS:nspr-devel-0:4.8.4-1.1.el4_8.x86_64",
"4AS:nss-0:3.12.6-1.el4_8.i386",
"4AS:nss-0:3.12.6-1.el4_8.ia64",
"4AS:nss-0:3.12.6-1.el4_8.ppc",
"4AS:nss-0:3.12.6-1.el4_8.ppc64",
"4AS:nss-0:3.12.6-1.el4_8.s390",
"4AS:nss-0:3.12.6-1.el4_8.s390x",
"4AS:nss-0:3.12.6-1.el4_8.src",
"4AS:nss-0:3.12.6-1.el4_8.x86_64",
"4AS:nss-debuginfo-0:3.12.6-1.el4_8.i386",
"4AS:nss-debuginfo-0:3.12.6-1.el4_8.ia64",
"4AS:nss-debuginfo-0:3.12.6-1.el4_8.ppc",
"4AS:nss-debuginfo-0:3.12.6-1.el4_8.ppc64",
"4AS:nss-debuginfo-0:3.12.6-1.el4_8.s390",
"4AS:nss-debuginfo-0:3.12.6-1.el4_8.s390x",
"4AS:nss-debuginfo-0:3.12.6-1.el4_8.x86_64",
"4AS:nss-devel-0:3.12.6-1.el4_8.i386",
"4AS:nss-devel-0:3.12.6-1.el4_8.ia64",
"4AS:nss-devel-0:3.12.6-1.el4_8.ppc",
"4AS:nss-devel-0:3.12.6-1.el4_8.s390",
"4AS:nss-devel-0:3.12.6-1.el4_8.s390x",
"4AS:nss-devel-0:3.12.6-1.el4_8.x86_64",
"4AS:nss-tools-0:3.12.6-1.el4_8.i386",
"4AS:nss-tools-0:3.12.6-1.el4_8.ia64",
"4AS:nss-tools-0:3.12.6-1.el4_8.ppc",
"4AS:nss-tools-0:3.12.6-1.el4_8.s390",
"4AS:nss-tools-0:3.12.6-1.el4_8.s390x",
"4AS:nss-tools-0:3.12.6-1.el4_8.x86_64",
"4Desktop:nspr-0:4.8.4-1.1.el4_8.i386",
"4Desktop:nspr-0:4.8.4-1.1.el4_8.ia64",
"4Desktop:nspr-0:4.8.4-1.1.el4_8.ppc",
"4Desktop:nspr-0:4.8.4-1.1.el4_8.ppc64",
"4Desktop:nspr-0:4.8.4-1.1.el4_8.s390",
"4Desktop:nspr-0:4.8.4-1.1.el4_8.s390x",
"4Desktop:nspr-0:4.8.4-1.1.el4_8.src",
"4Desktop:nspr-0:4.8.4-1.1.el4_8.x86_64",
"4Desktop:nspr-debuginfo-0:4.8.4-1.1.el4_8.i386",
"4Desktop:nspr-debuginfo-0:4.8.4-1.1.el4_8.ia64",
"4Desktop:nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc",
"4Desktop:nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc64",
"4Desktop:nspr-debuginfo-0:4.8.4-1.1.el4_8.s390",
"4Desktop:nspr-debuginfo-0:4.8.4-1.1.el4_8.s390x",
"4Desktop:nspr-debuginfo-0:4.8.4-1.1.el4_8.x86_64",
"4Desktop:nspr-devel-0:4.8.4-1.1.el4_8.i386",
"4Desktop:nspr-devel-0:4.8.4-1.1.el4_8.ia64",
"4Desktop:nspr-devel-0:4.8.4-1.1.el4_8.ppc",
"4Desktop:nspr-devel-0:4.8.4-1.1.el4_8.s390",
"4Desktop:nspr-devel-0:4.8.4-1.1.el4_8.s390x",
"4Desktop:nspr-devel-0:4.8.4-1.1.el4_8.x86_64",
"4Desktop:nss-0:3.12.6-1.el4_8.i386",
"4Desktop:nss-0:3.12.6-1.el4_8.ia64",
"4Desktop:nss-0:3.12.6-1.el4_8.ppc",
"4Desktop:nss-0:3.12.6-1.el4_8.ppc64",
"4Desktop:nss-0:3.12.6-1.el4_8.s390",
"4Desktop:nss-0:3.12.6-1.el4_8.s390x",
"4Desktop:nss-0:3.12.6-1.el4_8.src",
"4Desktop:nss-0:3.12.6-1.el4_8.x86_64",
"4Desktop:nss-debuginfo-0:3.12.6-1.el4_8.i386",
"4Desktop:nss-debuginfo-0:3.12.6-1.el4_8.ia64",
"4Desktop:nss-debuginfo-0:3.12.6-1.el4_8.ppc",
"4Desktop:nss-debuginfo-0:3.12.6-1.el4_8.ppc64",
"4Desktop:nss-debuginfo-0:3.12.6-1.el4_8.s390",
"4Desktop:nss-debuginfo-0:3.12.6-1.el4_8.s390x",
"4Desktop:nss-debuginfo-0:3.12.6-1.el4_8.x86_64",
"4Desktop:nss-devel-0:3.12.6-1.el4_8.i386",
"4Desktop:nss-devel-0:3.12.6-1.el4_8.ia64",
"4Desktop:nss-devel-0:3.12.6-1.el4_8.ppc",
"4Desktop:nss-devel-0:3.12.6-1.el4_8.s390",
"4Desktop:nss-devel-0:3.12.6-1.el4_8.s390x",
"4Desktop:nss-devel-0:3.12.6-1.el4_8.x86_64",
"4Desktop:nss-tools-0:3.12.6-1.el4_8.i386",
"4Desktop:nss-tools-0:3.12.6-1.el4_8.ia64",
"4Desktop:nss-tools-0:3.12.6-1.el4_8.ppc",
"4Desktop:nss-tools-0:3.12.6-1.el4_8.s390",
"4Desktop:nss-tools-0:3.12.6-1.el4_8.s390x",
"4Desktop:nss-tools-0:3.12.6-1.el4_8.x86_64",
"4ES:nspr-0:4.8.4-1.1.el4_8.i386",
"4ES:nspr-0:4.8.4-1.1.el4_8.ia64",
"4ES:nspr-0:4.8.4-1.1.el4_8.ppc",
"4ES:nspr-0:4.8.4-1.1.el4_8.ppc64",
"4ES:nspr-0:4.8.4-1.1.el4_8.s390",
"4ES:nspr-0:4.8.4-1.1.el4_8.s390x",
"4ES:nspr-0:4.8.4-1.1.el4_8.src",
"4ES:nspr-0:4.8.4-1.1.el4_8.x86_64",
"4ES:nspr-debuginfo-0:4.8.4-1.1.el4_8.i386",
"4ES:nspr-debuginfo-0:4.8.4-1.1.el4_8.ia64",
"4ES:nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc",
"4ES:nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc64",
"4ES:nspr-debuginfo-0:4.8.4-1.1.el4_8.s390",
"4ES:nspr-debuginfo-0:4.8.4-1.1.el4_8.s390x",
"4ES:nspr-debuginfo-0:4.8.4-1.1.el4_8.x86_64",
"4ES:nspr-devel-0:4.8.4-1.1.el4_8.i386",
"4ES:nspr-devel-0:4.8.4-1.1.el4_8.ia64",
"4ES:nspr-devel-0:4.8.4-1.1.el4_8.ppc",
"4ES:nspr-devel-0:4.8.4-1.1.el4_8.s390",
"4ES:nspr-devel-0:4.8.4-1.1.el4_8.s390x",
"4ES:nspr-devel-0:4.8.4-1.1.el4_8.x86_64",
"4ES:nss-0:3.12.6-1.el4_8.i386",
"4ES:nss-0:3.12.6-1.el4_8.ia64",
"4ES:nss-0:3.12.6-1.el4_8.ppc",
"4ES:nss-0:3.12.6-1.el4_8.ppc64",
"4ES:nss-0:3.12.6-1.el4_8.s390",
"4ES:nss-0:3.12.6-1.el4_8.s390x",
"4ES:nss-0:3.12.6-1.el4_8.src",
"4ES:nss-0:3.12.6-1.el4_8.x86_64",
"4ES:nss-debuginfo-0:3.12.6-1.el4_8.i386",
"4ES:nss-debuginfo-0:3.12.6-1.el4_8.ia64",
"4ES:nss-debuginfo-0:3.12.6-1.el4_8.ppc",
"4ES:nss-debuginfo-0:3.12.6-1.el4_8.ppc64",
"4ES:nss-debuginfo-0:3.12.6-1.el4_8.s390",
"4ES:nss-debuginfo-0:3.12.6-1.el4_8.s390x",
"4ES:nss-debuginfo-0:3.12.6-1.el4_8.x86_64",
"4ES:nss-devel-0:3.12.6-1.el4_8.i386",
"4ES:nss-devel-0:3.12.6-1.el4_8.ia64",
"4ES:nss-devel-0:3.12.6-1.el4_8.ppc",
"4ES:nss-devel-0:3.12.6-1.el4_8.s390",
"4ES:nss-devel-0:3.12.6-1.el4_8.s390x",
"4ES:nss-devel-0:3.12.6-1.el4_8.x86_64",
"4ES:nss-tools-0:3.12.6-1.el4_8.i386",
"4ES:nss-tools-0:3.12.6-1.el4_8.ia64",
"4ES:nss-tools-0:3.12.6-1.el4_8.ppc",
"4ES:nss-tools-0:3.12.6-1.el4_8.s390",
"4ES:nss-tools-0:3.12.6-1.el4_8.s390x",
"4ES:nss-tools-0:3.12.6-1.el4_8.x86_64",
"4WS:nspr-0:4.8.4-1.1.el4_8.i386",
"4WS:nspr-0:4.8.4-1.1.el4_8.ia64",
"4WS:nspr-0:4.8.4-1.1.el4_8.ppc",
"4WS:nspr-0:4.8.4-1.1.el4_8.ppc64",
"4WS:nspr-0:4.8.4-1.1.el4_8.s390",
"4WS:nspr-0:4.8.4-1.1.el4_8.s390x",
"4WS:nspr-0:4.8.4-1.1.el4_8.src",
"4WS:nspr-0:4.8.4-1.1.el4_8.x86_64",
"4WS:nspr-debuginfo-0:4.8.4-1.1.el4_8.i386",
"4WS:nspr-debuginfo-0:4.8.4-1.1.el4_8.ia64",
"4WS:nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc",
"4WS:nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc64",
"4WS:nspr-debuginfo-0:4.8.4-1.1.el4_8.s390",
"4WS:nspr-debuginfo-0:4.8.4-1.1.el4_8.s390x",
"4WS:nspr-debuginfo-0:4.8.4-1.1.el4_8.x86_64",
"4WS:nspr-devel-0:4.8.4-1.1.el4_8.i386",
"4WS:nspr-devel-0:4.8.4-1.1.el4_8.ia64",
"4WS:nspr-devel-0:4.8.4-1.1.el4_8.ppc",
"4WS:nspr-devel-0:4.8.4-1.1.el4_8.s390",
"4WS:nspr-devel-0:4.8.4-1.1.el4_8.s390x",
"4WS:nspr-devel-0:4.8.4-1.1.el4_8.x86_64",
"4WS:nss-0:3.12.6-1.el4_8.i386",
"4WS:nss-0:3.12.6-1.el4_8.ia64",
"4WS:nss-0:3.12.6-1.el4_8.ppc",
"4WS:nss-0:3.12.6-1.el4_8.ppc64",
"4WS:nss-0:3.12.6-1.el4_8.s390",
"4WS:nss-0:3.12.6-1.el4_8.s390x",
"4WS:nss-0:3.12.6-1.el4_8.src",
"4WS:nss-0:3.12.6-1.el4_8.x86_64",
"4WS:nss-debuginfo-0:3.12.6-1.el4_8.i386",
"4WS:nss-debuginfo-0:3.12.6-1.el4_8.ia64",
"4WS:nss-debuginfo-0:3.12.6-1.el4_8.ppc",
"4WS:nss-debuginfo-0:3.12.6-1.el4_8.ppc64",
"4WS:nss-debuginfo-0:3.12.6-1.el4_8.s390",
"4WS:nss-debuginfo-0:3.12.6-1.el4_8.s390x",
"4WS:nss-debuginfo-0:3.12.6-1.el4_8.x86_64",
"4WS:nss-devel-0:3.12.6-1.el4_8.i386",
"4WS:nss-devel-0:3.12.6-1.el4_8.ia64",
"4WS:nss-devel-0:3.12.6-1.el4_8.ppc",
"4WS:nss-devel-0:3.12.6-1.el4_8.s390",
"4WS:nss-devel-0:3.12.6-1.el4_8.s390x",
"4WS:nss-devel-0:3.12.6-1.el4_8.x86_64",
"4WS:nss-tools-0:3.12.6-1.el4_8.i386",
"4WS:nss-tools-0:3.12.6-1.el4_8.ia64",
"4WS:nss-tools-0:3.12.6-1.el4_8.ppc",
"4WS:nss-tools-0:3.12.6-1.el4_8.s390",
"4WS:nss-tools-0:3.12.6-1.el4_8.s390x",
"4WS:nss-tools-0:3.12.6-1.el4_8.x86_64",
"5Client-Workstation:nspr-0:4.8.4-1.el5_4.i386",
"5Client-Workstation:nspr-0:4.8.4-1.el5_4.ia64",
"5Client-Workstation:nspr-0:4.8.4-1.el5_4.ppc",
"5Client-Workstation:nspr-0:4.8.4-1.el5_4.ppc64",
"5Client-Workstation:nspr-0:4.8.4-1.el5_4.s390",
"5Client-Workstation:nspr-0:4.8.4-1.el5_4.s390x",
"5Client-Workstation:nspr-0:4.8.4-1.el5_4.src",
"5Client-Workstation:nspr-0:4.8.4-1.el5_4.x86_64",
"5Client-Workstation:nspr-debuginfo-0:4.8.4-1.el5_4.i386",
"5Client-Workstation:nspr-debuginfo-0:4.8.4-1.el5_4.ia64",
"5Client-Workstation:nspr-debuginfo-0:4.8.4-1.el5_4.ppc",
"5Client-Workstation:nspr-debuginfo-0:4.8.4-1.el5_4.ppc64",
"5Client-Workstation:nspr-debuginfo-0:4.8.4-1.el5_4.s390",
"5Client-Workstation:nspr-debuginfo-0:4.8.4-1.el5_4.s390x",
"5Client-Workstation:nspr-debuginfo-0:4.8.4-1.el5_4.x86_64",
"5Client-Workstation:nspr-devel-0:4.8.4-1.el5_4.i386",
"5Client-Workstation:nspr-devel-0:4.8.4-1.el5_4.ia64",
"5Client-Workstation:nspr-devel-0:4.8.4-1.el5_4.ppc",
"5Client-Workstation:nspr-devel-0:4.8.4-1.el5_4.ppc64",
"5Client-Workstation:nspr-devel-0:4.8.4-1.el5_4.s390",
"5Client-Workstation:nspr-devel-0:4.8.4-1.el5_4.s390x",
"5Client-Workstation:nspr-devel-0:4.8.4-1.el5_4.x86_64",
"5Client-Workstation:nss-0:3.12.6-1.el5_4.i386",
"5Client-Workstation:nss-0:3.12.6-1.el5_4.ia64",
"5Client-Workstation:nss-0:3.12.6-1.el5_4.ppc",
"5Client-Workstation:nss-0:3.12.6-1.el5_4.ppc64",
"5Client-Workstation:nss-0:3.12.6-1.el5_4.s390",
"5Client-Workstation:nss-0:3.12.6-1.el5_4.s390x",
"5Client-Workstation:nss-0:3.12.6-1.el5_4.src",
"5Client-Workstation:nss-0:3.12.6-1.el5_4.x86_64",
"5Client-Workstation:nss-debuginfo-0:3.12.6-1.el5_4.i386",
"5Client-Workstation:nss-debuginfo-0:3.12.6-1.el5_4.ia64",
"5Client-Workstation:nss-debuginfo-0:3.12.6-1.el5_4.ppc",
"5Client-Workstation:nss-debuginfo-0:3.12.6-1.el5_4.ppc64",
"5Client-Workstation:nss-debuginfo-0:3.12.6-1.el5_4.s390",
"5Client-Workstation:nss-debuginfo-0:3.12.6-1.el5_4.s390x",
"5Client-Workstation:nss-debuginfo-0:3.12.6-1.el5_4.x86_64",
"5Client-Workstation:nss-devel-0:3.12.6-1.el5_4.i386",
"5Client-Workstation:nss-devel-0:3.12.6-1.el5_4.ia64",
"5Client-Workstation:nss-devel-0:3.12.6-1.el5_4.ppc",
"5Client-Workstation:nss-devel-0:3.12.6-1.el5_4.ppc64",
"5Client-Workstation:nss-devel-0:3.12.6-1.el5_4.s390",
"5Client-Workstation:nss-devel-0:3.12.6-1.el5_4.s390x",
"5Client-Workstation:nss-devel-0:3.12.6-1.el5_4.x86_64",
"5Client-Workstation:nss-pkcs11-devel-0:3.12.6-1.el5_4.i386",
"5Client-Workstation:nss-pkcs11-devel-0:3.12.6-1.el5_4.ia64",
"5Client-Workstation:nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc",
"5Client-Workstation:nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc64",
"5Client-Workstation:nss-pkcs11-devel-0:3.12.6-1.el5_4.s390",
"5Client-Workstation:nss-pkcs11-devel-0:3.12.6-1.el5_4.s390x",
"5Client-Workstation:nss-pkcs11-devel-0:3.12.6-1.el5_4.x86_64",
"5Client-Workstation:nss-tools-0:3.12.6-1.el5_4.i386",
"5Client-Workstation:nss-tools-0:3.12.6-1.el5_4.ia64",
"5Client-Workstation:nss-tools-0:3.12.6-1.el5_4.ppc",
"5Client-Workstation:nss-tools-0:3.12.6-1.el5_4.s390x",
"5Client-Workstation:nss-tools-0:3.12.6-1.el5_4.x86_64",
"5Client:nspr-0:4.8.4-1.el5_4.i386",
"5Client:nspr-0:4.8.4-1.el5_4.ia64",
"5Client:nspr-0:4.8.4-1.el5_4.ppc",
"5Client:nspr-0:4.8.4-1.el5_4.ppc64",
"5Client:nspr-0:4.8.4-1.el5_4.s390",
"5Client:nspr-0:4.8.4-1.el5_4.s390x",
"5Client:nspr-0:4.8.4-1.el5_4.src",
"5Client:nspr-0:4.8.4-1.el5_4.x86_64",
"5Client:nspr-debuginfo-0:4.8.4-1.el5_4.i386",
"5Client:nspr-debuginfo-0:4.8.4-1.el5_4.ia64",
"5Client:nspr-debuginfo-0:4.8.4-1.el5_4.ppc",
"5Client:nspr-debuginfo-0:4.8.4-1.el5_4.ppc64",
"5Client:nspr-debuginfo-0:4.8.4-1.el5_4.s390",
"5Client:nspr-debuginfo-0:4.8.4-1.el5_4.s390x",
"5Client:nspr-debuginfo-0:4.8.4-1.el5_4.x86_64",
"5Client:nspr-devel-0:4.8.4-1.el5_4.i386",
"5Client:nspr-devel-0:4.8.4-1.el5_4.ia64",
"5Client:nspr-devel-0:4.8.4-1.el5_4.ppc",
"5Client:nspr-devel-0:4.8.4-1.el5_4.ppc64",
"5Client:nspr-devel-0:4.8.4-1.el5_4.s390",
"5Client:nspr-devel-0:4.8.4-1.el5_4.s390x",
"5Client:nspr-devel-0:4.8.4-1.el5_4.x86_64",
"5Client:nss-0:3.12.6-1.el5_4.i386",
"5Client:nss-0:3.12.6-1.el5_4.ia64",
"5Client:nss-0:3.12.6-1.el5_4.ppc",
"5Client:nss-0:3.12.6-1.el5_4.ppc64",
"5Client:nss-0:3.12.6-1.el5_4.s390",
"5Client:nss-0:3.12.6-1.el5_4.s390x",
"5Client:nss-0:3.12.6-1.el5_4.src",
"5Client:nss-0:3.12.6-1.el5_4.x86_64",
"5Client:nss-debuginfo-0:3.12.6-1.el5_4.i386",
"5Client:nss-debuginfo-0:3.12.6-1.el5_4.ia64",
"5Client:nss-debuginfo-0:3.12.6-1.el5_4.ppc",
"5Client:nss-debuginfo-0:3.12.6-1.el5_4.ppc64",
"5Client:nss-debuginfo-0:3.12.6-1.el5_4.s390",
"5Client:nss-debuginfo-0:3.12.6-1.el5_4.s390x",
"5Client:nss-debuginfo-0:3.12.6-1.el5_4.x86_64",
"5Client:nss-devel-0:3.12.6-1.el5_4.i386",
"5Client:nss-devel-0:3.12.6-1.el5_4.ia64",
"5Client:nss-devel-0:3.12.6-1.el5_4.ppc",
"5Client:nss-devel-0:3.12.6-1.el5_4.ppc64",
"5Client:nss-devel-0:3.12.6-1.el5_4.s390",
"5Client:nss-devel-0:3.12.6-1.el5_4.s390x",
"5Client:nss-devel-0:3.12.6-1.el5_4.x86_64",
"5Client:nss-pkcs11-devel-0:3.12.6-1.el5_4.i386",
"5Client:nss-pkcs11-devel-0:3.12.6-1.el5_4.ia64",
"5Client:nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc",
"5Client:nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc64",
"5Client:nss-pkcs11-devel-0:3.12.6-1.el5_4.s390",
"5Client:nss-pkcs11-devel-0:3.12.6-1.el5_4.s390x",
"5Client:nss-pkcs11-devel-0:3.12.6-1.el5_4.x86_64",
"5Client:nss-tools-0:3.12.6-1.el5_4.i386",
"5Client:nss-tools-0:3.12.6-1.el5_4.ia64",
"5Client:nss-tools-0:3.12.6-1.el5_4.ppc",
"5Client:nss-tools-0:3.12.6-1.el5_4.s390x",
"5Client:nss-tools-0:3.12.6-1.el5_4.x86_64",
"5Server:nspr-0:4.8.4-1.el5_4.i386",
"5Server:nspr-0:4.8.4-1.el5_4.ia64",
"5Server:nspr-0:4.8.4-1.el5_4.ppc",
"5Server:nspr-0:4.8.4-1.el5_4.ppc64",
"5Server:nspr-0:4.8.4-1.el5_4.s390",
"5Server:nspr-0:4.8.4-1.el5_4.s390x",
"5Server:nspr-0:4.8.4-1.el5_4.src",
"5Server:nspr-0:4.8.4-1.el5_4.x86_64",
"5Server:nspr-debuginfo-0:4.8.4-1.el5_4.i386",
"5Server:nspr-debuginfo-0:4.8.4-1.el5_4.ia64",
"5Server:nspr-debuginfo-0:4.8.4-1.el5_4.ppc",
"5Server:nspr-debuginfo-0:4.8.4-1.el5_4.ppc64",
"5Server:nspr-debuginfo-0:4.8.4-1.el5_4.s390",
"5Server:nspr-debuginfo-0:4.8.4-1.el5_4.s390x",
"5Server:nspr-debuginfo-0:4.8.4-1.el5_4.x86_64",
"5Server:nspr-devel-0:4.8.4-1.el5_4.i386",
"5Server:nspr-devel-0:4.8.4-1.el5_4.ia64",
"5Server:nspr-devel-0:4.8.4-1.el5_4.ppc",
"5Server:nspr-devel-0:4.8.4-1.el5_4.ppc64",
"5Server:nspr-devel-0:4.8.4-1.el5_4.s390",
"5Server:nspr-devel-0:4.8.4-1.el5_4.s390x",
"5Server:nspr-devel-0:4.8.4-1.el5_4.x86_64",
"5Server:nss-0:3.12.6-1.el5_4.i386",
"5Server:nss-0:3.12.6-1.el5_4.ia64",
"5Server:nss-0:3.12.6-1.el5_4.ppc",
"5Server:nss-0:3.12.6-1.el5_4.ppc64",
"5Server:nss-0:3.12.6-1.el5_4.s390",
"5Server:nss-0:3.12.6-1.el5_4.s390x",
"5Server:nss-0:3.12.6-1.el5_4.src",
"5Server:nss-0:3.12.6-1.el5_4.x86_64",
"5Server:nss-debuginfo-0:3.12.6-1.el5_4.i386",
"5Server:nss-debuginfo-0:3.12.6-1.el5_4.ia64",
"5Server:nss-debuginfo-0:3.12.6-1.el5_4.ppc",
"5Server:nss-debuginfo-0:3.12.6-1.el5_4.ppc64",
"5Server:nss-debuginfo-0:3.12.6-1.el5_4.s390",
"5Server:nss-debuginfo-0:3.12.6-1.el5_4.s390x",
"5Server:nss-debuginfo-0:3.12.6-1.el5_4.x86_64",
"5Server:nss-devel-0:3.12.6-1.el5_4.i386",
"5Server:nss-devel-0:3.12.6-1.el5_4.ia64",
"5Server:nss-devel-0:3.12.6-1.el5_4.ppc",
"5Server:nss-devel-0:3.12.6-1.el5_4.ppc64",
"5Server:nss-devel-0:3.12.6-1.el5_4.s390",
"5Server:nss-devel-0:3.12.6-1.el5_4.s390x",
"5Server:nss-devel-0:3.12.6-1.el5_4.x86_64",
"5Server:nss-pkcs11-devel-0:3.12.6-1.el5_4.i386",
"5Server:nss-pkcs11-devel-0:3.12.6-1.el5_4.ia64",
"5Server:nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc",
"5Server:nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc64",
"5Server:nss-pkcs11-devel-0:3.12.6-1.el5_4.s390",
"5Server:nss-pkcs11-devel-0:3.12.6-1.el5_4.s390x",
"5Server:nss-pkcs11-devel-0:3.12.6-1.el5_4.x86_64",
"5Server:nss-tools-0:3.12.6-1.el5_4.i386",
"5Server:nss-tools-0:3.12.6-1.el5_4.ia64",
"5Server:nss-tools-0:3.12.6-1.el5_4.ppc",
"5Server:nss-tools-0:3.12.6-1.el5_4.s390x",
"5Server:nss-tools-0:3.12.6-1.el5_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-3555"
},
{
"category": "external",
"summary": "RHBZ#533125",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=533125"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-3555",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3555"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3555",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3555"
}
],
"release_date": "2009-11-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-03-25T10:01:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS:nspr-0:4.8.4-1.1.el4_8.i386",
"4AS:nspr-0:4.8.4-1.1.el4_8.ia64",
"4AS:nspr-0:4.8.4-1.1.el4_8.ppc",
"4AS:nspr-0:4.8.4-1.1.el4_8.ppc64",
"4AS:nspr-0:4.8.4-1.1.el4_8.s390",
"4AS:nspr-0:4.8.4-1.1.el4_8.s390x",
"4AS:nspr-0:4.8.4-1.1.el4_8.src",
"4AS:nspr-0:4.8.4-1.1.el4_8.x86_64",
"4AS:nspr-debuginfo-0:4.8.4-1.1.el4_8.i386",
"4AS:nspr-debuginfo-0:4.8.4-1.1.el4_8.ia64",
"4AS:nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc",
"4AS:nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc64",
"4AS:nspr-debuginfo-0:4.8.4-1.1.el4_8.s390",
"4AS:nspr-debuginfo-0:4.8.4-1.1.el4_8.s390x",
"4AS:nspr-debuginfo-0:4.8.4-1.1.el4_8.x86_64",
"4AS:nspr-devel-0:4.8.4-1.1.el4_8.i386",
"4AS:nspr-devel-0:4.8.4-1.1.el4_8.ia64",
"4AS:nspr-devel-0:4.8.4-1.1.el4_8.ppc",
"4AS:nspr-devel-0:4.8.4-1.1.el4_8.s390",
"4AS:nspr-devel-0:4.8.4-1.1.el4_8.s390x",
"4AS:nspr-devel-0:4.8.4-1.1.el4_8.x86_64",
"4AS:nss-0:3.12.6-1.el4_8.i386",
"4AS:nss-0:3.12.6-1.el4_8.ia64",
"4AS:nss-0:3.12.6-1.el4_8.ppc",
"4AS:nss-0:3.12.6-1.el4_8.ppc64",
"4AS:nss-0:3.12.6-1.el4_8.s390",
"4AS:nss-0:3.12.6-1.el4_8.s390x",
"4AS:nss-0:3.12.6-1.el4_8.src",
"4AS:nss-0:3.12.6-1.el4_8.x86_64",
"4AS:nss-debuginfo-0:3.12.6-1.el4_8.i386",
"4AS:nss-debuginfo-0:3.12.6-1.el4_8.ia64",
"4AS:nss-debuginfo-0:3.12.6-1.el4_8.ppc",
"4AS:nss-debuginfo-0:3.12.6-1.el4_8.ppc64",
"4AS:nss-debuginfo-0:3.12.6-1.el4_8.s390",
"4AS:nss-debuginfo-0:3.12.6-1.el4_8.s390x",
"4AS:nss-debuginfo-0:3.12.6-1.el4_8.x86_64",
"4AS:nss-devel-0:3.12.6-1.el4_8.i386",
"4AS:nss-devel-0:3.12.6-1.el4_8.ia64",
"4AS:nss-devel-0:3.12.6-1.el4_8.ppc",
"4AS:nss-devel-0:3.12.6-1.el4_8.s390",
"4AS:nss-devel-0:3.12.6-1.el4_8.s390x",
"4AS:nss-devel-0:3.12.6-1.el4_8.x86_64",
"4AS:nss-tools-0:3.12.6-1.el4_8.i386",
"4AS:nss-tools-0:3.12.6-1.el4_8.ia64",
"4AS:nss-tools-0:3.12.6-1.el4_8.ppc",
"4AS:nss-tools-0:3.12.6-1.el4_8.s390",
"4AS:nss-tools-0:3.12.6-1.el4_8.s390x",
"4AS:nss-tools-0:3.12.6-1.el4_8.x86_64",
"4Desktop:nspr-0:4.8.4-1.1.el4_8.i386",
"4Desktop:nspr-0:4.8.4-1.1.el4_8.ia64",
"4Desktop:nspr-0:4.8.4-1.1.el4_8.ppc",
"4Desktop:nspr-0:4.8.4-1.1.el4_8.ppc64",
"4Desktop:nspr-0:4.8.4-1.1.el4_8.s390",
"4Desktop:nspr-0:4.8.4-1.1.el4_8.s390x",
"4Desktop:nspr-0:4.8.4-1.1.el4_8.src",
"4Desktop:nspr-0:4.8.4-1.1.el4_8.x86_64",
"4Desktop:nspr-debuginfo-0:4.8.4-1.1.el4_8.i386",
"4Desktop:nspr-debuginfo-0:4.8.4-1.1.el4_8.ia64",
"4Desktop:nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc",
"4Desktop:nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc64",
"4Desktop:nspr-debuginfo-0:4.8.4-1.1.el4_8.s390",
"4Desktop:nspr-debuginfo-0:4.8.4-1.1.el4_8.s390x",
"4Desktop:nspr-debuginfo-0:4.8.4-1.1.el4_8.x86_64",
"4Desktop:nspr-devel-0:4.8.4-1.1.el4_8.i386",
"4Desktop:nspr-devel-0:4.8.4-1.1.el4_8.ia64",
"4Desktop:nspr-devel-0:4.8.4-1.1.el4_8.ppc",
"4Desktop:nspr-devel-0:4.8.4-1.1.el4_8.s390",
"4Desktop:nspr-devel-0:4.8.4-1.1.el4_8.s390x",
"4Desktop:nspr-devel-0:4.8.4-1.1.el4_8.x86_64",
"4Desktop:nss-0:3.12.6-1.el4_8.i386",
"4Desktop:nss-0:3.12.6-1.el4_8.ia64",
"4Desktop:nss-0:3.12.6-1.el4_8.ppc",
"4Desktop:nss-0:3.12.6-1.el4_8.ppc64",
"4Desktop:nss-0:3.12.6-1.el4_8.s390",
"4Desktop:nss-0:3.12.6-1.el4_8.s390x",
"4Desktop:nss-0:3.12.6-1.el4_8.src",
"4Desktop:nss-0:3.12.6-1.el4_8.x86_64",
"4Desktop:nss-debuginfo-0:3.12.6-1.el4_8.i386",
"4Desktop:nss-debuginfo-0:3.12.6-1.el4_8.ia64",
"4Desktop:nss-debuginfo-0:3.12.6-1.el4_8.ppc",
"4Desktop:nss-debuginfo-0:3.12.6-1.el4_8.ppc64",
"4Desktop:nss-debuginfo-0:3.12.6-1.el4_8.s390",
"4Desktop:nss-debuginfo-0:3.12.6-1.el4_8.s390x",
"4Desktop:nss-debuginfo-0:3.12.6-1.el4_8.x86_64",
"4Desktop:nss-devel-0:3.12.6-1.el4_8.i386",
"4Desktop:nss-devel-0:3.12.6-1.el4_8.ia64",
"4Desktop:nss-devel-0:3.12.6-1.el4_8.ppc",
"4Desktop:nss-devel-0:3.12.6-1.el4_8.s390",
"4Desktop:nss-devel-0:3.12.6-1.el4_8.s390x",
"4Desktop:nss-devel-0:3.12.6-1.el4_8.x86_64",
"4Desktop:nss-tools-0:3.12.6-1.el4_8.i386",
"4Desktop:nss-tools-0:3.12.6-1.el4_8.ia64",
"4Desktop:nss-tools-0:3.12.6-1.el4_8.ppc",
"4Desktop:nss-tools-0:3.12.6-1.el4_8.s390",
"4Desktop:nss-tools-0:3.12.6-1.el4_8.s390x",
"4Desktop:nss-tools-0:3.12.6-1.el4_8.x86_64",
"4ES:nspr-0:4.8.4-1.1.el4_8.i386",
"4ES:nspr-0:4.8.4-1.1.el4_8.ia64",
"4ES:nspr-0:4.8.4-1.1.el4_8.ppc",
"4ES:nspr-0:4.8.4-1.1.el4_8.ppc64",
"4ES:nspr-0:4.8.4-1.1.el4_8.s390",
"4ES:nspr-0:4.8.4-1.1.el4_8.s390x",
"4ES:nspr-0:4.8.4-1.1.el4_8.src",
"4ES:nspr-0:4.8.4-1.1.el4_8.x86_64",
"4ES:nspr-debuginfo-0:4.8.4-1.1.el4_8.i386",
"4ES:nspr-debuginfo-0:4.8.4-1.1.el4_8.ia64",
"4ES:nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc",
"4ES:nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc64",
"4ES:nspr-debuginfo-0:4.8.4-1.1.el4_8.s390",
"4ES:nspr-debuginfo-0:4.8.4-1.1.el4_8.s390x",
"4ES:nspr-debuginfo-0:4.8.4-1.1.el4_8.x86_64",
"4ES:nspr-devel-0:4.8.4-1.1.el4_8.i386",
"4ES:nspr-devel-0:4.8.4-1.1.el4_8.ia64",
"4ES:nspr-devel-0:4.8.4-1.1.el4_8.ppc",
"4ES:nspr-devel-0:4.8.4-1.1.el4_8.s390",
"4ES:nspr-devel-0:4.8.4-1.1.el4_8.s390x",
"4ES:nspr-devel-0:4.8.4-1.1.el4_8.x86_64",
"4ES:nss-0:3.12.6-1.el4_8.i386",
"4ES:nss-0:3.12.6-1.el4_8.ia64",
"4ES:nss-0:3.12.6-1.el4_8.ppc",
"4ES:nss-0:3.12.6-1.el4_8.ppc64",
"4ES:nss-0:3.12.6-1.el4_8.s390",
"4ES:nss-0:3.12.6-1.el4_8.s390x",
"4ES:nss-0:3.12.6-1.el4_8.src",
"4ES:nss-0:3.12.6-1.el4_8.x86_64",
"4ES:nss-debuginfo-0:3.12.6-1.el4_8.i386",
"4ES:nss-debuginfo-0:3.12.6-1.el4_8.ia64",
"4ES:nss-debuginfo-0:3.12.6-1.el4_8.ppc",
"4ES:nss-debuginfo-0:3.12.6-1.el4_8.ppc64",
"4ES:nss-debuginfo-0:3.12.6-1.el4_8.s390",
"4ES:nss-debuginfo-0:3.12.6-1.el4_8.s390x",
"4ES:nss-debuginfo-0:3.12.6-1.el4_8.x86_64",
"4ES:nss-devel-0:3.12.6-1.el4_8.i386",
"4ES:nss-devel-0:3.12.6-1.el4_8.ia64",
"4ES:nss-devel-0:3.12.6-1.el4_8.ppc",
"4ES:nss-devel-0:3.12.6-1.el4_8.s390",
"4ES:nss-devel-0:3.12.6-1.el4_8.s390x",
"4ES:nss-devel-0:3.12.6-1.el4_8.x86_64",
"4ES:nss-tools-0:3.12.6-1.el4_8.i386",
"4ES:nss-tools-0:3.12.6-1.el4_8.ia64",
"4ES:nss-tools-0:3.12.6-1.el4_8.ppc",
"4ES:nss-tools-0:3.12.6-1.el4_8.s390",
"4ES:nss-tools-0:3.12.6-1.el4_8.s390x",
"4ES:nss-tools-0:3.12.6-1.el4_8.x86_64",
"4WS:nspr-0:4.8.4-1.1.el4_8.i386",
"4WS:nspr-0:4.8.4-1.1.el4_8.ia64",
"4WS:nspr-0:4.8.4-1.1.el4_8.ppc",
"4WS:nspr-0:4.8.4-1.1.el4_8.ppc64",
"4WS:nspr-0:4.8.4-1.1.el4_8.s390",
"4WS:nspr-0:4.8.4-1.1.el4_8.s390x",
"4WS:nspr-0:4.8.4-1.1.el4_8.src",
"4WS:nspr-0:4.8.4-1.1.el4_8.x86_64",
"4WS:nspr-debuginfo-0:4.8.4-1.1.el4_8.i386",
"4WS:nspr-debuginfo-0:4.8.4-1.1.el4_8.ia64",
"4WS:nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc",
"4WS:nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc64",
"4WS:nspr-debuginfo-0:4.8.4-1.1.el4_8.s390",
"4WS:nspr-debuginfo-0:4.8.4-1.1.el4_8.s390x",
"4WS:nspr-debuginfo-0:4.8.4-1.1.el4_8.x86_64",
"4WS:nspr-devel-0:4.8.4-1.1.el4_8.i386",
"4WS:nspr-devel-0:4.8.4-1.1.el4_8.ia64",
"4WS:nspr-devel-0:4.8.4-1.1.el4_8.ppc",
"4WS:nspr-devel-0:4.8.4-1.1.el4_8.s390",
"4WS:nspr-devel-0:4.8.4-1.1.el4_8.s390x",
"4WS:nspr-devel-0:4.8.4-1.1.el4_8.x86_64",
"4WS:nss-0:3.12.6-1.el4_8.i386",
"4WS:nss-0:3.12.6-1.el4_8.ia64",
"4WS:nss-0:3.12.6-1.el4_8.ppc",
"4WS:nss-0:3.12.6-1.el4_8.ppc64",
"4WS:nss-0:3.12.6-1.el4_8.s390",
"4WS:nss-0:3.12.6-1.el4_8.s390x",
"4WS:nss-0:3.12.6-1.el4_8.src",
"4WS:nss-0:3.12.6-1.el4_8.x86_64",
"4WS:nss-debuginfo-0:3.12.6-1.el4_8.i386",
"4WS:nss-debuginfo-0:3.12.6-1.el4_8.ia64",
"4WS:nss-debuginfo-0:3.12.6-1.el4_8.ppc",
"4WS:nss-debuginfo-0:3.12.6-1.el4_8.ppc64",
"4WS:nss-debuginfo-0:3.12.6-1.el4_8.s390",
"4WS:nss-debuginfo-0:3.12.6-1.el4_8.s390x",
"4WS:nss-debuginfo-0:3.12.6-1.el4_8.x86_64",
"4WS:nss-devel-0:3.12.6-1.el4_8.i386",
"4WS:nss-devel-0:3.12.6-1.el4_8.ia64",
"4WS:nss-devel-0:3.12.6-1.el4_8.ppc",
"4WS:nss-devel-0:3.12.6-1.el4_8.s390",
"4WS:nss-devel-0:3.12.6-1.el4_8.s390x",
"4WS:nss-devel-0:3.12.6-1.el4_8.x86_64",
"4WS:nss-tools-0:3.12.6-1.el4_8.i386",
"4WS:nss-tools-0:3.12.6-1.el4_8.ia64",
"4WS:nss-tools-0:3.12.6-1.el4_8.ppc",
"4WS:nss-tools-0:3.12.6-1.el4_8.s390",
"4WS:nss-tools-0:3.12.6-1.el4_8.s390x",
"4WS:nss-tools-0:3.12.6-1.el4_8.x86_64",
"5Client-Workstation:nspr-0:4.8.4-1.el5_4.i386",
"5Client-Workstation:nspr-0:4.8.4-1.el5_4.ia64",
"5Client-Workstation:nspr-0:4.8.4-1.el5_4.ppc",
"5Client-Workstation:nspr-0:4.8.4-1.el5_4.ppc64",
"5Client-Workstation:nspr-0:4.8.4-1.el5_4.s390",
"5Client-Workstation:nspr-0:4.8.4-1.el5_4.s390x",
"5Client-Workstation:nspr-0:4.8.4-1.el5_4.src",
"5Client-Workstation:nspr-0:4.8.4-1.el5_4.x86_64",
"5Client-Workstation:nspr-debuginfo-0:4.8.4-1.el5_4.i386",
"5Client-Workstation:nspr-debuginfo-0:4.8.4-1.el5_4.ia64",
"5Client-Workstation:nspr-debuginfo-0:4.8.4-1.el5_4.ppc",
"5Client-Workstation:nspr-debuginfo-0:4.8.4-1.el5_4.ppc64",
"5Client-Workstation:nspr-debuginfo-0:4.8.4-1.el5_4.s390",
"5Client-Workstation:nspr-debuginfo-0:4.8.4-1.el5_4.s390x",
"5Client-Workstation:nspr-debuginfo-0:4.8.4-1.el5_4.x86_64",
"5Client-Workstation:nspr-devel-0:4.8.4-1.el5_4.i386",
"5Client-Workstation:nspr-devel-0:4.8.4-1.el5_4.ia64",
"5Client-Workstation:nspr-devel-0:4.8.4-1.el5_4.ppc",
"5Client-Workstation:nspr-devel-0:4.8.4-1.el5_4.ppc64",
"5Client-Workstation:nspr-devel-0:4.8.4-1.el5_4.s390",
"5Client-Workstation:nspr-devel-0:4.8.4-1.el5_4.s390x",
"5Client-Workstation:nspr-devel-0:4.8.4-1.el5_4.x86_64",
"5Client-Workstation:nss-0:3.12.6-1.el5_4.i386",
"5Client-Workstation:nss-0:3.12.6-1.el5_4.ia64",
"5Client-Workstation:nss-0:3.12.6-1.el5_4.ppc",
"5Client-Workstation:nss-0:3.12.6-1.el5_4.ppc64",
"5Client-Workstation:nss-0:3.12.6-1.el5_4.s390",
"5Client-Workstation:nss-0:3.12.6-1.el5_4.s390x",
"5Client-Workstation:nss-0:3.12.6-1.el5_4.src",
"5Client-Workstation:nss-0:3.12.6-1.el5_4.x86_64",
"5Client-Workstation:nss-debuginfo-0:3.12.6-1.el5_4.i386",
"5Client-Workstation:nss-debuginfo-0:3.12.6-1.el5_4.ia64",
"5Client-Workstation:nss-debuginfo-0:3.12.6-1.el5_4.ppc",
"5Client-Workstation:nss-debuginfo-0:3.12.6-1.el5_4.ppc64",
"5Client-Workstation:nss-debuginfo-0:3.12.6-1.el5_4.s390",
"5Client-Workstation:nss-debuginfo-0:3.12.6-1.el5_4.s390x",
"5Client-Workstation:nss-debuginfo-0:3.12.6-1.el5_4.x86_64",
"5Client-Workstation:nss-devel-0:3.12.6-1.el5_4.i386",
"5Client-Workstation:nss-devel-0:3.12.6-1.el5_4.ia64",
"5Client-Workstation:nss-devel-0:3.12.6-1.el5_4.ppc",
"5Client-Workstation:nss-devel-0:3.12.6-1.el5_4.ppc64",
"5Client-Workstation:nss-devel-0:3.12.6-1.el5_4.s390",
"5Client-Workstation:nss-devel-0:3.12.6-1.el5_4.s390x",
"5Client-Workstation:nss-devel-0:3.12.6-1.el5_4.x86_64",
"5Client-Workstation:nss-pkcs11-devel-0:3.12.6-1.el5_4.i386",
"5Client-Workstation:nss-pkcs11-devel-0:3.12.6-1.el5_4.ia64",
"5Client-Workstation:nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc",
"5Client-Workstation:nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc64",
"5Client-Workstation:nss-pkcs11-devel-0:3.12.6-1.el5_4.s390",
"5Client-Workstation:nss-pkcs11-devel-0:3.12.6-1.el5_4.s390x",
"5Client-Workstation:nss-pkcs11-devel-0:3.12.6-1.el5_4.x86_64",
"5Client-Workstation:nss-tools-0:3.12.6-1.el5_4.i386",
"5Client-Workstation:nss-tools-0:3.12.6-1.el5_4.ia64",
"5Client-Workstation:nss-tools-0:3.12.6-1.el5_4.ppc",
"5Client-Workstation:nss-tools-0:3.12.6-1.el5_4.s390x",
"5Client-Workstation:nss-tools-0:3.12.6-1.el5_4.x86_64",
"5Client:nspr-0:4.8.4-1.el5_4.i386",
"5Client:nspr-0:4.8.4-1.el5_4.ia64",
"5Client:nspr-0:4.8.4-1.el5_4.ppc",
"5Client:nspr-0:4.8.4-1.el5_4.ppc64",
"5Client:nspr-0:4.8.4-1.el5_4.s390",
"5Client:nspr-0:4.8.4-1.el5_4.s390x",
"5Client:nspr-0:4.8.4-1.el5_4.src",
"5Client:nspr-0:4.8.4-1.el5_4.x86_64",
"5Client:nspr-debuginfo-0:4.8.4-1.el5_4.i386",
"5Client:nspr-debuginfo-0:4.8.4-1.el5_4.ia64",
"5Client:nspr-debuginfo-0:4.8.4-1.el5_4.ppc",
"5Client:nspr-debuginfo-0:4.8.4-1.el5_4.ppc64",
"5Client:nspr-debuginfo-0:4.8.4-1.el5_4.s390",
"5Client:nspr-debuginfo-0:4.8.4-1.el5_4.s390x",
"5Client:nspr-debuginfo-0:4.8.4-1.el5_4.x86_64",
"5Client:nspr-devel-0:4.8.4-1.el5_4.i386",
"5Client:nspr-devel-0:4.8.4-1.el5_4.ia64",
"5Client:nspr-devel-0:4.8.4-1.el5_4.ppc",
"5Client:nspr-devel-0:4.8.4-1.el5_4.ppc64",
"5Client:nspr-devel-0:4.8.4-1.el5_4.s390",
"5Client:nspr-devel-0:4.8.4-1.el5_4.s390x",
"5Client:nspr-devel-0:4.8.4-1.el5_4.x86_64",
"5Client:nss-0:3.12.6-1.el5_4.i386",
"5Client:nss-0:3.12.6-1.el5_4.ia64",
"5Client:nss-0:3.12.6-1.el5_4.ppc",
"5Client:nss-0:3.12.6-1.el5_4.ppc64",
"5Client:nss-0:3.12.6-1.el5_4.s390",
"5Client:nss-0:3.12.6-1.el5_4.s390x",
"5Client:nss-0:3.12.6-1.el5_4.src",
"5Client:nss-0:3.12.6-1.el5_4.x86_64",
"5Client:nss-debuginfo-0:3.12.6-1.el5_4.i386",
"5Client:nss-debuginfo-0:3.12.6-1.el5_4.ia64",
"5Client:nss-debuginfo-0:3.12.6-1.el5_4.ppc",
"5Client:nss-debuginfo-0:3.12.6-1.el5_4.ppc64",
"5Client:nss-debuginfo-0:3.12.6-1.el5_4.s390",
"5Client:nss-debuginfo-0:3.12.6-1.el5_4.s390x",
"5Client:nss-debuginfo-0:3.12.6-1.el5_4.x86_64",
"5Client:nss-devel-0:3.12.6-1.el5_4.i386",
"5Client:nss-devel-0:3.12.6-1.el5_4.ia64",
"5Client:nss-devel-0:3.12.6-1.el5_4.ppc",
"5Client:nss-devel-0:3.12.6-1.el5_4.ppc64",
"5Client:nss-devel-0:3.12.6-1.el5_4.s390",
"5Client:nss-devel-0:3.12.6-1.el5_4.s390x",
"5Client:nss-devel-0:3.12.6-1.el5_4.x86_64",
"5Client:nss-pkcs11-devel-0:3.12.6-1.el5_4.i386",
"5Client:nss-pkcs11-devel-0:3.12.6-1.el5_4.ia64",
"5Client:nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc",
"5Client:nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc64",
"5Client:nss-pkcs11-devel-0:3.12.6-1.el5_4.s390",
"5Client:nss-pkcs11-devel-0:3.12.6-1.el5_4.s390x",
"5Client:nss-pkcs11-devel-0:3.12.6-1.el5_4.x86_64",
"5Client:nss-tools-0:3.12.6-1.el5_4.i386",
"5Client:nss-tools-0:3.12.6-1.el5_4.ia64",
"5Client:nss-tools-0:3.12.6-1.el5_4.ppc",
"5Client:nss-tools-0:3.12.6-1.el5_4.s390x",
"5Client:nss-tools-0:3.12.6-1.el5_4.x86_64",
"5Server:nspr-0:4.8.4-1.el5_4.i386",
"5Server:nspr-0:4.8.4-1.el5_4.ia64",
"5Server:nspr-0:4.8.4-1.el5_4.ppc",
"5Server:nspr-0:4.8.4-1.el5_4.ppc64",
"5Server:nspr-0:4.8.4-1.el5_4.s390",
"5Server:nspr-0:4.8.4-1.el5_4.s390x",
"5Server:nspr-0:4.8.4-1.el5_4.src",
"5Server:nspr-0:4.8.4-1.el5_4.x86_64",
"5Server:nspr-debuginfo-0:4.8.4-1.el5_4.i386",
"5Server:nspr-debuginfo-0:4.8.4-1.el5_4.ia64",
"5Server:nspr-debuginfo-0:4.8.4-1.el5_4.ppc",
"5Server:nspr-debuginfo-0:4.8.4-1.el5_4.ppc64",
"5Server:nspr-debuginfo-0:4.8.4-1.el5_4.s390",
"5Server:nspr-debuginfo-0:4.8.4-1.el5_4.s390x",
"5Server:nspr-debuginfo-0:4.8.4-1.el5_4.x86_64",
"5Server:nspr-devel-0:4.8.4-1.el5_4.i386",
"5Server:nspr-devel-0:4.8.4-1.el5_4.ia64",
"5Server:nspr-devel-0:4.8.4-1.el5_4.ppc",
"5Server:nspr-devel-0:4.8.4-1.el5_4.ppc64",
"5Server:nspr-devel-0:4.8.4-1.el5_4.s390",
"5Server:nspr-devel-0:4.8.4-1.el5_4.s390x",
"5Server:nspr-devel-0:4.8.4-1.el5_4.x86_64",
"5Server:nss-0:3.12.6-1.el5_4.i386",
"5Server:nss-0:3.12.6-1.el5_4.ia64",
"5Server:nss-0:3.12.6-1.el5_4.ppc",
"5Server:nss-0:3.12.6-1.el5_4.ppc64",
"5Server:nss-0:3.12.6-1.el5_4.s390",
"5Server:nss-0:3.12.6-1.el5_4.s390x",
"5Server:nss-0:3.12.6-1.el5_4.src",
"5Server:nss-0:3.12.6-1.el5_4.x86_64",
"5Server:nss-debuginfo-0:3.12.6-1.el5_4.i386",
"5Server:nss-debuginfo-0:3.12.6-1.el5_4.ia64",
"5Server:nss-debuginfo-0:3.12.6-1.el5_4.ppc",
"5Server:nss-debuginfo-0:3.12.6-1.el5_4.ppc64",
"5Server:nss-debuginfo-0:3.12.6-1.el5_4.s390",
"5Server:nss-debuginfo-0:3.12.6-1.el5_4.s390x",
"5Server:nss-debuginfo-0:3.12.6-1.el5_4.x86_64",
"5Server:nss-devel-0:3.12.6-1.el5_4.i386",
"5Server:nss-devel-0:3.12.6-1.el5_4.ia64",
"5Server:nss-devel-0:3.12.6-1.el5_4.ppc",
"5Server:nss-devel-0:3.12.6-1.el5_4.ppc64",
"5Server:nss-devel-0:3.12.6-1.el5_4.s390",
"5Server:nss-devel-0:3.12.6-1.el5_4.s390x",
"5Server:nss-devel-0:3.12.6-1.el5_4.x86_64",
"5Server:nss-pkcs11-devel-0:3.12.6-1.el5_4.i386",
"5Server:nss-pkcs11-devel-0:3.12.6-1.el5_4.ia64",
"5Server:nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc",
"5Server:nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc64",
"5Server:nss-pkcs11-devel-0:3.12.6-1.el5_4.s390",
"5Server:nss-pkcs11-devel-0:3.12.6-1.el5_4.s390x",
"5Server:nss-pkcs11-devel-0:3.12.6-1.el5_4.x86_64",
"5Server:nss-tools-0:3.12.6-1.el5_4.i386",
"5Server:nss-tools-0:3.12.6-1.el5_4.ia64",
"5Server:nss-tools-0:3.12.6-1.el5_4.ppc",
"5Server:nss-tools-0:3.12.6-1.el5_4.s390x",
"5Server:nss-tools-0:3.12.6-1.el5_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0165"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"4AS:nspr-0:4.8.4-1.1.el4_8.i386",
"4AS:nspr-0:4.8.4-1.1.el4_8.ia64",
"4AS:nspr-0:4.8.4-1.1.el4_8.ppc",
"4AS:nspr-0:4.8.4-1.1.el4_8.ppc64",
"4AS:nspr-0:4.8.4-1.1.el4_8.s390",
"4AS:nspr-0:4.8.4-1.1.el4_8.s390x",
"4AS:nspr-0:4.8.4-1.1.el4_8.src",
"4AS:nspr-0:4.8.4-1.1.el4_8.x86_64",
"4AS:nspr-debuginfo-0:4.8.4-1.1.el4_8.i386",
"4AS:nspr-debuginfo-0:4.8.4-1.1.el4_8.ia64",
"4AS:nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc",
"4AS:nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc64",
"4AS:nspr-debuginfo-0:4.8.4-1.1.el4_8.s390",
"4AS:nspr-debuginfo-0:4.8.4-1.1.el4_8.s390x",
"4AS:nspr-debuginfo-0:4.8.4-1.1.el4_8.x86_64",
"4AS:nspr-devel-0:4.8.4-1.1.el4_8.i386",
"4AS:nspr-devel-0:4.8.4-1.1.el4_8.ia64",
"4AS:nspr-devel-0:4.8.4-1.1.el4_8.ppc",
"4AS:nspr-devel-0:4.8.4-1.1.el4_8.s390",
"4AS:nspr-devel-0:4.8.4-1.1.el4_8.s390x",
"4AS:nspr-devel-0:4.8.4-1.1.el4_8.x86_64",
"4AS:nss-0:3.12.6-1.el4_8.i386",
"4AS:nss-0:3.12.6-1.el4_8.ia64",
"4AS:nss-0:3.12.6-1.el4_8.ppc",
"4AS:nss-0:3.12.6-1.el4_8.ppc64",
"4AS:nss-0:3.12.6-1.el4_8.s390",
"4AS:nss-0:3.12.6-1.el4_8.s390x",
"4AS:nss-0:3.12.6-1.el4_8.src",
"4AS:nss-0:3.12.6-1.el4_8.x86_64",
"4AS:nss-debuginfo-0:3.12.6-1.el4_8.i386",
"4AS:nss-debuginfo-0:3.12.6-1.el4_8.ia64",
"4AS:nss-debuginfo-0:3.12.6-1.el4_8.ppc",
"4AS:nss-debuginfo-0:3.12.6-1.el4_8.ppc64",
"4AS:nss-debuginfo-0:3.12.6-1.el4_8.s390",
"4AS:nss-debuginfo-0:3.12.6-1.el4_8.s390x",
"4AS:nss-debuginfo-0:3.12.6-1.el4_8.x86_64",
"4AS:nss-devel-0:3.12.6-1.el4_8.i386",
"4AS:nss-devel-0:3.12.6-1.el4_8.ia64",
"4AS:nss-devel-0:3.12.6-1.el4_8.ppc",
"4AS:nss-devel-0:3.12.6-1.el4_8.s390",
"4AS:nss-devel-0:3.12.6-1.el4_8.s390x",
"4AS:nss-devel-0:3.12.6-1.el4_8.x86_64",
"4AS:nss-tools-0:3.12.6-1.el4_8.i386",
"4AS:nss-tools-0:3.12.6-1.el4_8.ia64",
"4AS:nss-tools-0:3.12.6-1.el4_8.ppc",
"4AS:nss-tools-0:3.12.6-1.el4_8.s390",
"4AS:nss-tools-0:3.12.6-1.el4_8.s390x",
"4AS:nss-tools-0:3.12.6-1.el4_8.x86_64",
"4Desktop:nspr-0:4.8.4-1.1.el4_8.i386",
"4Desktop:nspr-0:4.8.4-1.1.el4_8.ia64",
"4Desktop:nspr-0:4.8.4-1.1.el4_8.ppc",
"4Desktop:nspr-0:4.8.4-1.1.el4_8.ppc64",
"4Desktop:nspr-0:4.8.4-1.1.el4_8.s390",
"4Desktop:nspr-0:4.8.4-1.1.el4_8.s390x",
"4Desktop:nspr-0:4.8.4-1.1.el4_8.src",
"4Desktop:nspr-0:4.8.4-1.1.el4_8.x86_64",
"4Desktop:nspr-debuginfo-0:4.8.4-1.1.el4_8.i386",
"4Desktop:nspr-debuginfo-0:4.8.4-1.1.el4_8.ia64",
"4Desktop:nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc",
"4Desktop:nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc64",
"4Desktop:nspr-debuginfo-0:4.8.4-1.1.el4_8.s390",
"4Desktop:nspr-debuginfo-0:4.8.4-1.1.el4_8.s390x",
"4Desktop:nspr-debuginfo-0:4.8.4-1.1.el4_8.x86_64",
"4Desktop:nspr-devel-0:4.8.4-1.1.el4_8.i386",
"4Desktop:nspr-devel-0:4.8.4-1.1.el4_8.ia64",
"4Desktop:nspr-devel-0:4.8.4-1.1.el4_8.ppc",
"4Desktop:nspr-devel-0:4.8.4-1.1.el4_8.s390",
"4Desktop:nspr-devel-0:4.8.4-1.1.el4_8.s390x",
"4Desktop:nspr-devel-0:4.8.4-1.1.el4_8.x86_64",
"4Desktop:nss-0:3.12.6-1.el4_8.i386",
"4Desktop:nss-0:3.12.6-1.el4_8.ia64",
"4Desktop:nss-0:3.12.6-1.el4_8.ppc",
"4Desktop:nss-0:3.12.6-1.el4_8.ppc64",
"4Desktop:nss-0:3.12.6-1.el4_8.s390",
"4Desktop:nss-0:3.12.6-1.el4_8.s390x",
"4Desktop:nss-0:3.12.6-1.el4_8.src",
"4Desktop:nss-0:3.12.6-1.el4_8.x86_64",
"4Desktop:nss-debuginfo-0:3.12.6-1.el4_8.i386",
"4Desktop:nss-debuginfo-0:3.12.6-1.el4_8.ia64",
"4Desktop:nss-debuginfo-0:3.12.6-1.el4_8.ppc",
"4Desktop:nss-debuginfo-0:3.12.6-1.el4_8.ppc64",
"4Desktop:nss-debuginfo-0:3.12.6-1.el4_8.s390",
"4Desktop:nss-debuginfo-0:3.12.6-1.el4_8.s390x",
"4Desktop:nss-debuginfo-0:3.12.6-1.el4_8.x86_64",
"4Desktop:nss-devel-0:3.12.6-1.el4_8.i386",
"4Desktop:nss-devel-0:3.12.6-1.el4_8.ia64",
"4Desktop:nss-devel-0:3.12.6-1.el4_8.ppc",
"4Desktop:nss-devel-0:3.12.6-1.el4_8.s390",
"4Desktop:nss-devel-0:3.12.6-1.el4_8.s390x",
"4Desktop:nss-devel-0:3.12.6-1.el4_8.x86_64",
"4Desktop:nss-tools-0:3.12.6-1.el4_8.i386",
"4Desktop:nss-tools-0:3.12.6-1.el4_8.ia64",
"4Desktop:nss-tools-0:3.12.6-1.el4_8.ppc",
"4Desktop:nss-tools-0:3.12.6-1.el4_8.s390",
"4Desktop:nss-tools-0:3.12.6-1.el4_8.s390x",
"4Desktop:nss-tools-0:3.12.6-1.el4_8.x86_64",
"4ES:nspr-0:4.8.4-1.1.el4_8.i386",
"4ES:nspr-0:4.8.4-1.1.el4_8.ia64",
"4ES:nspr-0:4.8.4-1.1.el4_8.ppc",
"4ES:nspr-0:4.8.4-1.1.el4_8.ppc64",
"4ES:nspr-0:4.8.4-1.1.el4_8.s390",
"4ES:nspr-0:4.8.4-1.1.el4_8.s390x",
"4ES:nspr-0:4.8.4-1.1.el4_8.src",
"4ES:nspr-0:4.8.4-1.1.el4_8.x86_64",
"4ES:nspr-debuginfo-0:4.8.4-1.1.el4_8.i386",
"4ES:nspr-debuginfo-0:4.8.4-1.1.el4_8.ia64",
"4ES:nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc",
"4ES:nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc64",
"4ES:nspr-debuginfo-0:4.8.4-1.1.el4_8.s390",
"4ES:nspr-debuginfo-0:4.8.4-1.1.el4_8.s390x",
"4ES:nspr-debuginfo-0:4.8.4-1.1.el4_8.x86_64",
"4ES:nspr-devel-0:4.8.4-1.1.el4_8.i386",
"4ES:nspr-devel-0:4.8.4-1.1.el4_8.ia64",
"4ES:nspr-devel-0:4.8.4-1.1.el4_8.ppc",
"4ES:nspr-devel-0:4.8.4-1.1.el4_8.s390",
"4ES:nspr-devel-0:4.8.4-1.1.el4_8.s390x",
"4ES:nspr-devel-0:4.8.4-1.1.el4_8.x86_64",
"4ES:nss-0:3.12.6-1.el4_8.i386",
"4ES:nss-0:3.12.6-1.el4_8.ia64",
"4ES:nss-0:3.12.6-1.el4_8.ppc",
"4ES:nss-0:3.12.6-1.el4_8.ppc64",
"4ES:nss-0:3.12.6-1.el4_8.s390",
"4ES:nss-0:3.12.6-1.el4_8.s390x",
"4ES:nss-0:3.12.6-1.el4_8.src",
"4ES:nss-0:3.12.6-1.el4_8.x86_64",
"4ES:nss-debuginfo-0:3.12.6-1.el4_8.i386",
"4ES:nss-debuginfo-0:3.12.6-1.el4_8.ia64",
"4ES:nss-debuginfo-0:3.12.6-1.el4_8.ppc",
"4ES:nss-debuginfo-0:3.12.6-1.el4_8.ppc64",
"4ES:nss-debuginfo-0:3.12.6-1.el4_8.s390",
"4ES:nss-debuginfo-0:3.12.6-1.el4_8.s390x",
"4ES:nss-debuginfo-0:3.12.6-1.el4_8.x86_64",
"4ES:nss-devel-0:3.12.6-1.el4_8.i386",
"4ES:nss-devel-0:3.12.6-1.el4_8.ia64",
"4ES:nss-devel-0:3.12.6-1.el4_8.ppc",
"4ES:nss-devel-0:3.12.6-1.el4_8.s390",
"4ES:nss-devel-0:3.12.6-1.el4_8.s390x",
"4ES:nss-devel-0:3.12.6-1.el4_8.x86_64",
"4ES:nss-tools-0:3.12.6-1.el4_8.i386",
"4ES:nss-tools-0:3.12.6-1.el4_8.ia64",
"4ES:nss-tools-0:3.12.6-1.el4_8.ppc",
"4ES:nss-tools-0:3.12.6-1.el4_8.s390",
"4ES:nss-tools-0:3.12.6-1.el4_8.s390x",
"4ES:nss-tools-0:3.12.6-1.el4_8.x86_64",
"4WS:nspr-0:4.8.4-1.1.el4_8.i386",
"4WS:nspr-0:4.8.4-1.1.el4_8.ia64",
"4WS:nspr-0:4.8.4-1.1.el4_8.ppc",
"4WS:nspr-0:4.8.4-1.1.el4_8.ppc64",
"4WS:nspr-0:4.8.4-1.1.el4_8.s390",
"4WS:nspr-0:4.8.4-1.1.el4_8.s390x",
"4WS:nspr-0:4.8.4-1.1.el4_8.src",
"4WS:nspr-0:4.8.4-1.1.el4_8.x86_64",
"4WS:nspr-debuginfo-0:4.8.4-1.1.el4_8.i386",
"4WS:nspr-debuginfo-0:4.8.4-1.1.el4_8.ia64",
"4WS:nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc",
"4WS:nspr-debuginfo-0:4.8.4-1.1.el4_8.ppc64",
"4WS:nspr-debuginfo-0:4.8.4-1.1.el4_8.s390",
"4WS:nspr-debuginfo-0:4.8.4-1.1.el4_8.s390x",
"4WS:nspr-debuginfo-0:4.8.4-1.1.el4_8.x86_64",
"4WS:nspr-devel-0:4.8.4-1.1.el4_8.i386",
"4WS:nspr-devel-0:4.8.4-1.1.el4_8.ia64",
"4WS:nspr-devel-0:4.8.4-1.1.el4_8.ppc",
"4WS:nspr-devel-0:4.8.4-1.1.el4_8.s390",
"4WS:nspr-devel-0:4.8.4-1.1.el4_8.s390x",
"4WS:nspr-devel-0:4.8.4-1.1.el4_8.x86_64",
"4WS:nss-0:3.12.6-1.el4_8.i386",
"4WS:nss-0:3.12.6-1.el4_8.ia64",
"4WS:nss-0:3.12.6-1.el4_8.ppc",
"4WS:nss-0:3.12.6-1.el4_8.ppc64",
"4WS:nss-0:3.12.6-1.el4_8.s390",
"4WS:nss-0:3.12.6-1.el4_8.s390x",
"4WS:nss-0:3.12.6-1.el4_8.src",
"4WS:nss-0:3.12.6-1.el4_8.x86_64",
"4WS:nss-debuginfo-0:3.12.6-1.el4_8.i386",
"4WS:nss-debuginfo-0:3.12.6-1.el4_8.ia64",
"4WS:nss-debuginfo-0:3.12.6-1.el4_8.ppc",
"4WS:nss-debuginfo-0:3.12.6-1.el4_8.ppc64",
"4WS:nss-debuginfo-0:3.12.6-1.el4_8.s390",
"4WS:nss-debuginfo-0:3.12.6-1.el4_8.s390x",
"4WS:nss-debuginfo-0:3.12.6-1.el4_8.x86_64",
"4WS:nss-devel-0:3.12.6-1.el4_8.i386",
"4WS:nss-devel-0:3.12.6-1.el4_8.ia64",
"4WS:nss-devel-0:3.12.6-1.el4_8.ppc",
"4WS:nss-devel-0:3.12.6-1.el4_8.s390",
"4WS:nss-devel-0:3.12.6-1.el4_8.s390x",
"4WS:nss-devel-0:3.12.6-1.el4_8.x86_64",
"4WS:nss-tools-0:3.12.6-1.el4_8.i386",
"4WS:nss-tools-0:3.12.6-1.el4_8.ia64",
"4WS:nss-tools-0:3.12.6-1.el4_8.ppc",
"4WS:nss-tools-0:3.12.6-1.el4_8.s390",
"4WS:nss-tools-0:3.12.6-1.el4_8.s390x",
"4WS:nss-tools-0:3.12.6-1.el4_8.x86_64",
"5Client-Workstation:nspr-0:4.8.4-1.el5_4.i386",
"5Client-Workstation:nspr-0:4.8.4-1.el5_4.ia64",
"5Client-Workstation:nspr-0:4.8.4-1.el5_4.ppc",
"5Client-Workstation:nspr-0:4.8.4-1.el5_4.ppc64",
"5Client-Workstation:nspr-0:4.8.4-1.el5_4.s390",
"5Client-Workstation:nspr-0:4.8.4-1.el5_4.s390x",
"5Client-Workstation:nspr-0:4.8.4-1.el5_4.src",
"5Client-Workstation:nspr-0:4.8.4-1.el5_4.x86_64",
"5Client-Workstation:nspr-debuginfo-0:4.8.4-1.el5_4.i386",
"5Client-Workstation:nspr-debuginfo-0:4.8.4-1.el5_4.ia64",
"5Client-Workstation:nspr-debuginfo-0:4.8.4-1.el5_4.ppc",
"5Client-Workstation:nspr-debuginfo-0:4.8.4-1.el5_4.ppc64",
"5Client-Workstation:nspr-debuginfo-0:4.8.4-1.el5_4.s390",
"5Client-Workstation:nspr-debuginfo-0:4.8.4-1.el5_4.s390x",
"5Client-Workstation:nspr-debuginfo-0:4.8.4-1.el5_4.x86_64",
"5Client-Workstation:nspr-devel-0:4.8.4-1.el5_4.i386",
"5Client-Workstation:nspr-devel-0:4.8.4-1.el5_4.ia64",
"5Client-Workstation:nspr-devel-0:4.8.4-1.el5_4.ppc",
"5Client-Workstation:nspr-devel-0:4.8.4-1.el5_4.ppc64",
"5Client-Workstation:nspr-devel-0:4.8.4-1.el5_4.s390",
"5Client-Workstation:nspr-devel-0:4.8.4-1.el5_4.s390x",
"5Client-Workstation:nspr-devel-0:4.8.4-1.el5_4.x86_64",
"5Client-Workstation:nss-0:3.12.6-1.el5_4.i386",
"5Client-Workstation:nss-0:3.12.6-1.el5_4.ia64",
"5Client-Workstation:nss-0:3.12.6-1.el5_4.ppc",
"5Client-Workstation:nss-0:3.12.6-1.el5_4.ppc64",
"5Client-Workstation:nss-0:3.12.6-1.el5_4.s390",
"5Client-Workstation:nss-0:3.12.6-1.el5_4.s390x",
"5Client-Workstation:nss-0:3.12.6-1.el5_4.src",
"5Client-Workstation:nss-0:3.12.6-1.el5_4.x86_64",
"5Client-Workstation:nss-debuginfo-0:3.12.6-1.el5_4.i386",
"5Client-Workstation:nss-debuginfo-0:3.12.6-1.el5_4.ia64",
"5Client-Workstation:nss-debuginfo-0:3.12.6-1.el5_4.ppc",
"5Client-Workstation:nss-debuginfo-0:3.12.6-1.el5_4.ppc64",
"5Client-Workstation:nss-debuginfo-0:3.12.6-1.el5_4.s390",
"5Client-Workstation:nss-debuginfo-0:3.12.6-1.el5_4.s390x",
"5Client-Workstation:nss-debuginfo-0:3.12.6-1.el5_4.x86_64",
"5Client-Workstation:nss-devel-0:3.12.6-1.el5_4.i386",
"5Client-Workstation:nss-devel-0:3.12.6-1.el5_4.ia64",
"5Client-Workstation:nss-devel-0:3.12.6-1.el5_4.ppc",
"5Client-Workstation:nss-devel-0:3.12.6-1.el5_4.ppc64",
"5Client-Workstation:nss-devel-0:3.12.6-1.el5_4.s390",
"5Client-Workstation:nss-devel-0:3.12.6-1.el5_4.s390x",
"5Client-Workstation:nss-devel-0:3.12.6-1.el5_4.x86_64",
"5Client-Workstation:nss-pkcs11-devel-0:3.12.6-1.el5_4.i386",
"5Client-Workstation:nss-pkcs11-devel-0:3.12.6-1.el5_4.ia64",
"5Client-Workstation:nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc",
"5Client-Workstation:nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc64",
"5Client-Workstation:nss-pkcs11-devel-0:3.12.6-1.el5_4.s390",
"5Client-Workstation:nss-pkcs11-devel-0:3.12.6-1.el5_4.s390x",
"5Client-Workstation:nss-pkcs11-devel-0:3.12.6-1.el5_4.x86_64",
"5Client-Workstation:nss-tools-0:3.12.6-1.el5_4.i386",
"5Client-Workstation:nss-tools-0:3.12.6-1.el5_4.ia64",
"5Client-Workstation:nss-tools-0:3.12.6-1.el5_4.ppc",
"5Client-Workstation:nss-tools-0:3.12.6-1.el5_4.s390x",
"5Client-Workstation:nss-tools-0:3.12.6-1.el5_4.x86_64",
"5Client:nspr-0:4.8.4-1.el5_4.i386",
"5Client:nspr-0:4.8.4-1.el5_4.ia64",
"5Client:nspr-0:4.8.4-1.el5_4.ppc",
"5Client:nspr-0:4.8.4-1.el5_4.ppc64",
"5Client:nspr-0:4.8.4-1.el5_4.s390",
"5Client:nspr-0:4.8.4-1.el5_4.s390x",
"5Client:nspr-0:4.8.4-1.el5_4.src",
"5Client:nspr-0:4.8.4-1.el5_4.x86_64",
"5Client:nspr-debuginfo-0:4.8.4-1.el5_4.i386",
"5Client:nspr-debuginfo-0:4.8.4-1.el5_4.ia64",
"5Client:nspr-debuginfo-0:4.8.4-1.el5_4.ppc",
"5Client:nspr-debuginfo-0:4.8.4-1.el5_4.ppc64",
"5Client:nspr-debuginfo-0:4.8.4-1.el5_4.s390",
"5Client:nspr-debuginfo-0:4.8.4-1.el5_4.s390x",
"5Client:nspr-debuginfo-0:4.8.4-1.el5_4.x86_64",
"5Client:nspr-devel-0:4.8.4-1.el5_4.i386",
"5Client:nspr-devel-0:4.8.4-1.el5_4.ia64",
"5Client:nspr-devel-0:4.8.4-1.el5_4.ppc",
"5Client:nspr-devel-0:4.8.4-1.el5_4.ppc64",
"5Client:nspr-devel-0:4.8.4-1.el5_4.s390",
"5Client:nspr-devel-0:4.8.4-1.el5_4.s390x",
"5Client:nspr-devel-0:4.8.4-1.el5_4.x86_64",
"5Client:nss-0:3.12.6-1.el5_4.i386",
"5Client:nss-0:3.12.6-1.el5_4.ia64",
"5Client:nss-0:3.12.6-1.el5_4.ppc",
"5Client:nss-0:3.12.6-1.el5_4.ppc64",
"5Client:nss-0:3.12.6-1.el5_4.s390",
"5Client:nss-0:3.12.6-1.el5_4.s390x",
"5Client:nss-0:3.12.6-1.el5_4.src",
"5Client:nss-0:3.12.6-1.el5_4.x86_64",
"5Client:nss-debuginfo-0:3.12.6-1.el5_4.i386",
"5Client:nss-debuginfo-0:3.12.6-1.el5_4.ia64",
"5Client:nss-debuginfo-0:3.12.6-1.el5_4.ppc",
"5Client:nss-debuginfo-0:3.12.6-1.el5_4.ppc64",
"5Client:nss-debuginfo-0:3.12.6-1.el5_4.s390",
"5Client:nss-debuginfo-0:3.12.6-1.el5_4.s390x",
"5Client:nss-debuginfo-0:3.12.6-1.el5_4.x86_64",
"5Client:nss-devel-0:3.12.6-1.el5_4.i386",
"5Client:nss-devel-0:3.12.6-1.el5_4.ia64",
"5Client:nss-devel-0:3.12.6-1.el5_4.ppc",
"5Client:nss-devel-0:3.12.6-1.el5_4.ppc64",
"5Client:nss-devel-0:3.12.6-1.el5_4.s390",
"5Client:nss-devel-0:3.12.6-1.el5_4.s390x",
"5Client:nss-devel-0:3.12.6-1.el5_4.x86_64",
"5Client:nss-pkcs11-devel-0:3.12.6-1.el5_4.i386",
"5Client:nss-pkcs11-devel-0:3.12.6-1.el5_4.ia64",
"5Client:nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc",
"5Client:nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc64",
"5Client:nss-pkcs11-devel-0:3.12.6-1.el5_4.s390",
"5Client:nss-pkcs11-devel-0:3.12.6-1.el5_4.s390x",
"5Client:nss-pkcs11-devel-0:3.12.6-1.el5_4.x86_64",
"5Client:nss-tools-0:3.12.6-1.el5_4.i386",
"5Client:nss-tools-0:3.12.6-1.el5_4.ia64",
"5Client:nss-tools-0:3.12.6-1.el5_4.ppc",
"5Client:nss-tools-0:3.12.6-1.el5_4.s390x",
"5Client:nss-tools-0:3.12.6-1.el5_4.x86_64",
"5Server:nspr-0:4.8.4-1.el5_4.i386",
"5Server:nspr-0:4.8.4-1.el5_4.ia64",
"5Server:nspr-0:4.8.4-1.el5_4.ppc",
"5Server:nspr-0:4.8.4-1.el5_4.ppc64",
"5Server:nspr-0:4.8.4-1.el5_4.s390",
"5Server:nspr-0:4.8.4-1.el5_4.s390x",
"5Server:nspr-0:4.8.4-1.el5_4.src",
"5Server:nspr-0:4.8.4-1.el5_4.x86_64",
"5Server:nspr-debuginfo-0:4.8.4-1.el5_4.i386",
"5Server:nspr-debuginfo-0:4.8.4-1.el5_4.ia64",
"5Server:nspr-debuginfo-0:4.8.4-1.el5_4.ppc",
"5Server:nspr-debuginfo-0:4.8.4-1.el5_4.ppc64",
"5Server:nspr-debuginfo-0:4.8.4-1.el5_4.s390",
"5Server:nspr-debuginfo-0:4.8.4-1.el5_4.s390x",
"5Server:nspr-debuginfo-0:4.8.4-1.el5_4.x86_64",
"5Server:nspr-devel-0:4.8.4-1.el5_4.i386",
"5Server:nspr-devel-0:4.8.4-1.el5_4.ia64",
"5Server:nspr-devel-0:4.8.4-1.el5_4.ppc",
"5Server:nspr-devel-0:4.8.4-1.el5_4.ppc64",
"5Server:nspr-devel-0:4.8.4-1.el5_4.s390",
"5Server:nspr-devel-0:4.8.4-1.el5_4.s390x",
"5Server:nspr-devel-0:4.8.4-1.el5_4.x86_64",
"5Server:nss-0:3.12.6-1.el5_4.i386",
"5Server:nss-0:3.12.6-1.el5_4.ia64",
"5Server:nss-0:3.12.6-1.el5_4.ppc",
"5Server:nss-0:3.12.6-1.el5_4.ppc64",
"5Server:nss-0:3.12.6-1.el5_4.s390",
"5Server:nss-0:3.12.6-1.el5_4.s390x",
"5Server:nss-0:3.12.6-1.el5_4.src",
"5Server:nss-0:3.12.6-1.el5_4.x86_64",
"5Server:nss-debuginfo-0:3.12.6-1.el5_4.i386",
"5Server:nss-debuginfo-0:3.12.6-1.el5_4.ia64",
"5Server:nss-debuginfo-0:3.12.6-1.el5_4.ppc",
"5Server:nss-debuginfo-0:3.12.6-1.el5_4.ppc64",
"5Server:nss-debuginfo-0:3.12.6-1.el5_4.s390",
"5Server:nss-debuginfo-0:3.12.6-1.el5_4.s390x",
"5Server:nss-debuginfo-0:3.12.6-1.el5_4.x86_64",
"5Server:nss-devel-0:3.12.6-1.el5_4.i386",
"5Server:nss-devel-0:3.12.6-1.el5_4.ia64",
"5Server:nss-devel-0:3.12.6-1.el5_4.ppc",
"5Server:nss-devel-0:3.12.6-1.el5_4.ppc64",
"5Server:nss-devel-0:3.12.6-1.el5_4.s390",
"5Server:nss-devel-0:3.12.6-1.el5_4.s390x",
"5Server:nss-devel-0:3.12.6-1.el5_4.x86_64",
"5Server:nss-pkcs11-devel-0:3.12.6-1.el5_4.i386",
"5Server:nss-pkcs11-devel-0:3.12.6-1.el5_4.ia64",
"5Server:nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc",
"5Server:nss-pkcs11-devel-0:3.12.6-1.el5_4.ppc64",
"5Server:nss-pkcs11-devel-0:3.12.6-1.el5_4.s390",
"5Server:nss-pkcs11-devel-0:3.12.6-1.el5_4.s390x",
"5Server:nss-pkcs11-devel-0:3.12.6-1.el5_4.x86_64",
"5Server:nss-tools-0:3.12.6-1.el5_4.i386",
"5Server:nss-tools-0:3.12.6-1.el5_4.ia64",
"5Server:nss-tools-0:3.12.6-1.el5_4.ppc",
"5Server:nss-tools-0:3.12.6-1.el5_4.s390x",
"5Server:nss-tools-0:3.12.6-1.el5_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "TLS: MITM attacks via session renegotiation"
}
]
}
RHSA-2010:0166
Vulnerability from csaf_redhat - Published: 2010-03-25 10:19 - Updated: 2026-05-27 17:13Summary
Red Hat Security Advisory: gnutls security update
Severity
Moderate
Notes
Topic: Updated gnutls packages that fix two security issues are now available for
Red Hat Enterprise Linux 5.
The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details: The GnuTLS library provides support for cryptographic algorithms and for
protocols such as Transport Layer Security (TLS).
A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure
Sockets Layer) protocols handled session renegotiation. A man-in-the-middle
attacker could use this flaw to prefix arbitrary plain text to a client's
session (for example, an HTTPS connection to a website). This could force
the server to process an attacker's request as if authenticated using the
victim's credentials. This update addresses this flaw by implementing the
TLS Renegotiation Indication Extension, as defined in RFC 5746.
(CVE-2009-3555)
Refer to the following Knowledgebase article for additional details about
the CVE-2009-3555 flaw: http://kbase.redhat.com/faq/docs/DOC-20491
Dan Kaminsky found that browsers could accept certificates with MD2 hash
signatures, even though MD2 is no longer considered a cryptographically
strong algorithm. This could make it easier for an attacker to create a
malicious certificate that would be treated as trusted by a browser. GnuTLS
now disables the use of the MD2 algorithm inside signatures by default.
(CVE-2009-2409)
Users of GnuTLS are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. For the update to take
effect, all applications linked to the GnuTLS library must be restarted, or
the system rebooted.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
The Network Security Services (NSS) library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificates by using MD2 design flaws to generate a hash collision in less than brute-force time. NOTE: the scope of this issue is currently limited because the amount of computation required is still large.
2.6 ()
Affected products
Fixed
81 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-utils-0:1.4.1-3.el5_4.8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-utils-0:1.4.1-3.el5_4.8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-utils-0:1.4.1-3.el5_4.8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-utils-0:1.4.1-3.el5_4.8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-utils-0:1.4.1-3.el5_4.8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-0:1.4.1-3.el5_4.8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-0:1.4.1-3.el5_4.8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-0:1.4.1-3.el5_4.8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-0:1.4.1-3.el5_4.8.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-0:1.4.1-3.el5_4.8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-0:1.4.1-3.el5_4.8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-0:1.4.1-3.el5_4.8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-0:1.4.1-3.el5_4.8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-devel-0:1.4.1-3.el5_4.8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-devel-0:1.4.1-3.el5_4.8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-devel-0:1.4.1-3.el5_4.8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-devel-0:1.4.1-3.el5_4.8.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-devel-0:1.4.1-3.el5_4.8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-devel-0:1.4.1-3.el5_4.8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-devel-0:1.4.1-3.el5_4.8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-utils-0:1.4.1-3.el5_4.8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-utils-0:1.4.1-3.el5_4.8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-utils-0:1.4.1-3.el5_4.8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-utils-0:1.4.1-3.el5_4.8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-utils-0:1.4.1-3.el5_4.8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-0:1.4.1-3.el5_4.8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-0:1.4.1-3.el5_4.8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-0:1.4.1-3.el5_4.8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-0:1.4.1-3.el5_4.8.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-0:1.4.1-3.el5_4.8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-0:1.4.1-3.el5_4.8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-0:1.4.1-3.el5_4.8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-0:1.4.1-3.el5_4.8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-devel-0:1.4.1-3.el5_4.8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-devel-0:1.4.1-3.el5_4.8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-devel-0:1.4.1-3.el5_4.8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-devel-0:1.4.1-3.el5_4.8.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-devel-0:1.4.1-3.el5_4.8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-devel-0:1.4.1-3.el5_4.8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-devel-0:1.4.1-3.el5_4.8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-utils-0:1.4.1-3.el5_4.8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-utils-0:1.4.1-3.el5_4.8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-utils-0:1.4.1-3.el5_4.8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-utils-0:1.4.1-3.el5_4.8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-utils-0:1.4.1-3.el5_4.8.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.
4.3 ()
Affected products
Fixed
81 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-utils-0:1.4.1-3.el5_4.8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-utils-0:1.4.1-3.el5_4.8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-utils-0:1.4.1-3.el5_4.8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-utils-0:1.4.1-3.el5_4.8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:gnutls-utils-0:1.4.1-3.el5_4.8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-0:1.4.1-3.el5_4.8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-0:1.4.1-3.el5_4.8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-0:1.4.1-3.el5_4.8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-0:1.4.1-3.el5_4.8.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-0:1.4.1-3.el5_4.8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-0:1.4.1-3.el5_4.8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-0:1.4.1-3.el5_4.8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-0:1.4.1-3.el5_4.8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-devel-0:1.4.1-3.el5_4.8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-devel-0:1.4.1-3.el5_4.8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-devel-0:1.4.1-3.el5_4.8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-devel-0:1.4.1-3.el5_4.8.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-devel-0:1.4.1-3.el5_4.8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-devel-0:1.4.1-3.el5_4.8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-devel-0:1.4.1-3.el5_4.8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-utils-0:1.4.1-3.el5_4.8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-utils-0:1.4.1-3.el5_4.8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-utils-0:1.4.1-3.el5_4.8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-utils-0:1.4.1-3.el5_4.8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:gnutls-utils-0:1.4.1-3.el5_4.8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-0:1.4.1-3.el5_4.8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-0:1.4.1-3.el5_4.8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-0:1.4.1-3.el5_4.8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-0:1.4.1-3.el5_4.8.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-0:1.4.1-3.el5_4.8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-0:1.4.1-3.el5_4.8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-0:1.4.1-3.el5_4.8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-0:1.4.1-3.el5_4.8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-devel-0:1.4.1-3.el5_4.8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-devel-0:1.4.1-3.el5_4.8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-devel-0:1.4.1-3.el5_4.8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-devel-0:1.4.1-3.el5_4.8.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-devel-0:1.4.1-3.el5_4.8.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-devel-0:1.4.1-3.el5_4.8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-devel-0:1.4.1-3.el5_4.8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-utils-0:1.4.1-3.el5_4.8.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-utils-0:1.4.1-3.el5_4.8.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-utils-0:1.4.1-3.el5_4.8.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-utils-0:1.4.1-3.el5_4.8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:gnutls-utils-0:1.4.1-3.el5_4.8.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
14 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated gnutls packages that fix two security issues are now available for\nRed Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The GnuTLS library provides support for cryptographic algorithms and for\nprotocols such as Transport Layer Security (TLS).\n\nA flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\nSockets Layer) protocols handled session renegotiation. A man-in-the-middle\nattacker could use this flaw to prefix arbitrary plain text to a client\u0027s\nsession (for example, an HTTPS connection to a website). This could force\nthe server to process an attacker\u0027s request as if authenticated using the\nvictim\u0027s credentials. This update addresses this flaw by implementing the\nTLS Renegotiation Indication Extension, as defined in RFC 5746.\n(CVE-2009-3555)\n\nRefer to the following Knowledgebase article for additional details about\nthe CVE-2009-3555 flaw: http://kbase.redhat.com/faq/docs/DOC-20491\n\nDan Kaminsky found that browsers could accept certificates with MD2 hash\nsignatures, even though MD2 is no longer considered a cryptographically\nstrong algorithm. This could make it easier for an attacker to create a\nmalicious certificate that would be treated as trusted by a browser. GnuTLS\nnow disables the use of the MD2 algorithm inside signatures by default.\n(CVE-2009-2409)\n\nUsers of GnuTLS are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. For the update to take\neffect, all applications linked to the GnuTLS library must be restarted, or\nthe system rebooted.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2010:0166",
"url": "https://access.redhat.com/errata/RHSA-2010:0166"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "http://kbase.redhat.com/faq/docs/DOC-20491",
"url": "http://kbase.redhat.com/faq/docs/DOC-20491"
},
{
"category": "external",
"summary": "510197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=510197"
},
{
"category": "external",
"summary": "533125",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=533125"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2010/rhsa-2010_0166.json"
}
],
"title": "Red Hat Security Advisory: gnutls security update",
"tracking": {
"current_release_date": "2026-05-27T17:13:53+00:00",
"generator": {
"date": "2026-05-27T17:13:53+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2010:0166",
"initial_release_date": "2010-03-25T10:19:00+00:00",
"revision_history": [
{
"date": "2010-03-25T10:19:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2010-03-25T06:19:37+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-27T17:13:53+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client_workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product": {
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.x86_64",
"product": {
"name": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.x86_64",
"product_id": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-debuginfo@1.4.1-3.el5_4.8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnutls-devel-0:1.4.1-3.el5_4.8.x86_64",
"product": {
"name": "gnutls-devel-0:1.4.1-3.el5_4.8.x86_64",
"product_id": "gnutls-devel-0:1.4.1-3.el5_4.8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-devel@1.4.1-3.el5_4.8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnutls-0:1.4.1-3.el5_4.8.x86_64",
"product": {
"name": "gnutls-0:1.4.1-3.el5_4.8.x86_64",
"product_id": "gnutls-0:1.4.1-3.el5_4.8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls@1.4.1-3.el5_4.8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnutls-utils-0:1.4.1-3.el5_4.8.x86_64",
"product": {
"name": "gnutls-utils-0:1.4.1-3.el5_4.8.x86_64",
"product_id": "gnutls-utils-0:1.4.1-3.el5_4.8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-utils@1.4.1-3.el5_4.8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.i386",
"product": {
"name": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.i386",
"product_id": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-debuginfo@1.4.1-3.el5_4.8?arch=i386"
}
}
},
{
"category": "product_version",
"name": "gnutls-devel-0:1.4.1-3.el5_4.8.i386",
"product": {
"name": "gnutls-devel-0:1.4.1-3.el5_4.8.i386",
"product_id": "gnutls-devel-0:1.4.1-3.el5_4.8.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-devel@1.4.1-3.el5_4.8?arch=i386"
}
}
},
{
"category": "product_version",
"name": "gnutls-0:1.4.1-3.el5_4.8.i386",
"product": {
"name": "gnutls-0:1.4.1-3.el5_4.8.i386",
"product_id": "gnutls-0:1.4.1-3.el5_4.8.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls@1.4.1-3.el5_4.8?arch=i386"
}
}
},
{
"category": "product_version",
"name": "gnutls-utils-0:1.4.1-3.el5_4.8.i386",
"product": {
"name": "gnutls-utils-0:1.4.1-3.el5_4.8.i386",
"product_id": "gnutls-utils-0:1.4.1-3.el5_4.8.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-utils@1.4.1-3.el5_4.8?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "gnutls-0:1.4.1-3.el5_4.8.src",
"product": {
"name": "gnutls-0:1.4.1-3.el5_4.8.src",
"product_id": "gnutls-0:1.4.1-3.el5_4.8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls@1.4.1-3.el5_4.8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.ia64",
"product": {
"name": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.ia64",
"product_id": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-debuginfo@1.4.1-3.el5_4.8?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "gnutls-0:1.4.1-3.el5_4.8.ia64",
"product": {
"name": "gnutls-0:1.4.1-3.el5_4.8.ia64",
"product_id": "gnutls-0:1.4.1-3.el5_4.8.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls@1.4.1-3.el5_4.8?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "gnutls-devel-0:1.4.1-3.el5_4.8.ia64",
"product": {
"name": "gnutls-devel-0:1.4.1-3.el5_4.8.ia64",
"product_id": "gnutls-devel-0:1.4.1-3.el5_4.8.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-devel@1.4.1-3.el5_4.8?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "gnutls-utils-0:1.4.1-3.el5_4.8.ia64",
"product": {
"name": "gnutls-utils-0:1.4.1-3.el5_4.8.ia64",
"product_id": "gnutls-utils-0:1.4.1-3.el5_4.8.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-utils@1.4.1-3.el5_4.8?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc64",
"product": {
"name": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc64",
"product_id": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-debuginfo@1.4.1-3.el5_4.8?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "gnutls-0:1.4.1-3.el5_4.8.ppc64",
"product": {
"name": "gnutls-0:1.4.1-3.el5_4.8.ppc64",
"product_id": "gnutls-0:1.4.1-3.el5_4.8.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls@1.4.1-3.el5_4.8?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "gnutls-devel-0:1.4.1-3.el5_4.8.ppc64",
"product": {
"name": "gnutls-devel-0:1.4.1-3.el5_4.8.ppc64",
"product_id": "gnutls-devel-0:1.4.1-3.el5_4.8.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-devel@1.4.1-3.el5_4.8?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc",
"product": {
"name": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc",
"product_id": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-debuginfo@1.4.1-3.el5_4.8?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "gnutls-0:1.4.1-3.el5_4.8.ppc",
"product": {
"name": "gnutls-0:1.4.1-3.el5_4.8.ppc",
"product_id": "gnutls-0:1.4.1-3.el5_4.8.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls@1.4.1-3.el5_4.8?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "gnutls-devel-0:1.4.1-3.el5_4.8.ppc",
"product": {
"name": "gnutls-devel-0:1.4.1-3.el5_4.8.ppc",
"product_id": "gnutls-devel-0:1.4.1-3.el5_4.8.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-devel@1.4.1-3.el5_4.8?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "gnutls-utils-0:1.4.1-3.el5_4.8.ppc",
"product": {
"name": "gnutls-utils-0:1.4.1-3.el5_4.8.ppc",
"product_id": "gnutls-utils-0:1.4.1-3.el5_4.8.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-utils@1.4.1-3.el5_4.8?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390x",
"product": {
"name": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390x",
"product_id": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-debuginfo@1.4.1-3.el5_4.8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnutls-0:1.4.1-3.el5_4.8.s390x",
"product": {
"name": "gnutls-0:1.4.1-3.el5_4.8.s390x",
"product_id": "gnutls-0:1.4.1-3.el5_4.8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls@1.4.1-3.el5_4.8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnutls-devel-0:1.4.1-3.el5_4.8.s390x",
"product": {
"name": "gnutls-devel-0:1.4.1-3.el5_4.8.s390x",
"product_id": "gnutls-devel-0:1.4.1-3.el5_4.8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-devel@1.4.1-3.el5_4.8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnutls-utils-0:1.4.1-3.el5_4.8.s390x",
"product": {
"name": "gnutls-utils-0:1.4.1-3.el5_4.8.s390x",
"product_id": "gnutls-utils-0:1.4.1-3.el5_4.8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-utils@1.4.1-3.el5_4.8?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390",
"product": {
"name": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390",
"product_id": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-debuginfo@1.4.1-3.el5_4.8?arch=s390"
}
}
},
{
"category": "product_version",
"name": "gnutls-0:1.4.1-3.el5_4.8.s390",
"product": {
"name": "gnutls-0:1.4.1-3.el5_4.8.s390",
"product_id": "gnutls-0:1.4.1-3.el5_4.8.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls@1.4.1-3.el5_4.8?arch=s390"
}
}
},
{
"category": "product_version",
"name": "gnutls-devel-0:1.4.1-3.el5_4.8.s390",
"product": {
"name": "gnutls-devel-0:1.4.1-3.el5_4.8.s390",
"product_id": "gnutls-devel-0:1.4.1-3.el5_4.8.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-devel@1.4.1-3.el5_4.8?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-3.el5_4.8.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.i386"
},
"product_reference": "gnutls-0:1.4.1-3.el5_4.8.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-3.el5_4.8.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.ia64"
},
"product_reference": "gnutls-0:1.4.1-3.el5_4.8.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-3.el5_4.8.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.ppc"
},
"product_reference": "gnutls-0:1.4.1-3.el5_4.8.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-3.el5_4.8.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.ppc64"
},
"product_reference": "gnutls-0:1.4.1-3.el5_4.8.ppc64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-3.el5_4.8.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.s390"
},
"product_reference": "gnutls-0:1.4.1-3.el5_4.8.s390",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-3.el5_4.8.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.s390x"
},
"product_reference": "gnutls-0:1.4.1-3.el5_4.8.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-3.el5_4.8.src as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.src"
},
"product_reference": "gnutls-0:1.4.1-3.el5_4.8.src",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-3.el5_4.8.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.x86_64"
},
"product_reference": "gnutls-0:1.4.1-3.el5_4.8.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.i386"
},
"product_reference": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ia64"
},
"product_reference": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc"
},
"product_reference": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc64"
},
"product_reference": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390"
},
"product_reference": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390x"
},
"product_reference": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.x86_64"
},
"product_reference": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.4.1-3.el5_4.8.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.i386"
},
"product_reference": "gnutls-devel-0:1.4.1-3.el5_4.8.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.4.1-3.el5_4.8.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.ia64"
},
"product_reference": "gnutls-devel-0:1.4.1-3.el5_4.8.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.4.1-3.el5_4.8.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.ppc"
},
"product_reference": "gnutls-devel-0:1.4.1-3.el5_4.8.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.4.1-3.el5_4.8.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.ppc64"
},
"product_reference": "gnutls-devel-0:1.4.1-3.el5_4.8.ppc64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.4.1-3.el5_4.8.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.s390"
},
"product_reference": "gnutls-devel-0:1.4.1-3.el5_4.8.s390",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.4.1-3.el5_4.8.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.s390x"
},
"product_reference": "gnutls-devel-0:1.4.1-3.el5_4.8.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.4.1-3.el5_4.8.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.x86_64"
},
"product_reference": "gnutls-devel-0:1.4.1-3.el5_4.8.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-0:1.4.1-3.el5_4.8.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:gnutls-utils-0:1.4.1-3.el5_4.8.i386"
},
"product_reference": "gnutls-utils-0:1.4.1-3.el5_4.8.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-0:1.4.1-3.el5_4.8.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:gnutls-utils-0:1.4.1-3.el5_4.8.ia64"
},
"product_reference": "gnutls-utils-0:1.4.1-3.el5_4.8.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-0:1.4.1-3.el5_4.8.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:gnutls-utils-0:1.4.1-3.el5_4.8.ppc"
},
"product_reference": "gnutls-utils-0:1.4.1-3.el5_4.8.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-0:1.4.1-3.el5_4.8.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:gnutls-utils-0:1.4.1-3.el5_4.8.s390x"
},
"product_reference": "gnutls-utils-0:1.4.1-3.el5_4.8.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-0:1.4.1-3.el5_4.8.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:gnutls-utils-0:1.4.1-3.el5_4.8.x86_64"
},
"product_reference": "gnutls-utils-0:1.4.1-3.el5_4.8.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-3.el5_4.8.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:gnutls-0:1.4.1-3.el5_4.8.i386"
},
"product_reference": "gnutls-0:1.4.1-3.el5_4.8.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-3.el5_4.8.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:gnutls-0:1.4.1-3.el5_4.8.ia64"
},
"product_reference": "gnutls-0:1.4.1-3.el5_4.8.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-3.el5_4.8.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:gnutls-0:1.4.1-3.el5_4.8.ppc"
},
"product_reference": "gnutls-0:1.4.1-3.el5_4.8.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-3.el5_4.8.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:gnutls-0:1.4.1-3.el5_4.8.ppc64"
},
"product_reference": "gnutls-0:1.4.1-3.el5_4.8.ppc64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-3.el5_4.8.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:gnutls-0:1.4.1-3.el5_4.8.s390"
},
"product_reference": "gnutls-0:1.4.1-3.el5_4.8.s390",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-3.el5_4.8.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:gnutls-0:1.4.1-3.el5_4.8.s390x"
},
"product_reference": "gnutls-0:1.4.1-3.el5_4.8.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-3.el5_4.8.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:gnutls-0:1.4.1-3.el5_4.8.src"
},
"product_reference": "gnutls-0:1.4.1-3.el5_4.8.src",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-3.el5_4.8.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:gnutls-0:1.4.1-3.el5_4.8.x86_64"
},
"product_reference": "gnutls-0:1.4.1-3.el5_4.8.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.i386"
},
"product_reference": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ia64"
},
"product_reference": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc"
},
"product_reference": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc64"
},
"product_reference": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390"
},
"product_reference": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390x"
},
"product_reference": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.x86_64"
},
"product_reference": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.4.1-3.el5_4.8.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:gnutls-devel-0:1.4.1-3.el5_4.8.i386"
},
"product_reference": "gnutls-devel-0:1.4.1-3.el5_4.8.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.4.1-3.el5_4.8.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:gnutls-devel-0:1.4.1-3.el5_4.8.ia64"
},
"product_reference": "gnutls-devel-0:1.4.1-3.el5_4.8.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.4.1-3.el5_4.8.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:gnutls-devel-0:1.4.1-3.el5_4.8.ppc"
},
"product_reference": "gnutls-devel-0:1.4.1-3.el5_4.8.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.4.1-3.el5_4.8.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:gnutls-devel-0:1.4.1-3.el5_4.8.ppc64"
},
"product_reference": "gnutls-devel-0:1.4.1-3.el5_4.8.ppc64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.4.1-3.el5_4.8.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:gnutls-devel-0:1.4.1-3.el5_4.8.s390"
},
"product_reference": "gnutls-devel-0:1.4.1-3.el5_4.8.s390",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.4.1-3.el5_4.8.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:gnutls-devel-0:1.4.1-3.el5_4.8.s390x"
},
"product_reference": "gnutls-devel-0:1.4.1-3.el5_4.8.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.4.1-3.el5_4.8.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:gnutls-devel-0:1.4.1-3.el5_4.8.x86_64"
},
"product_reference": "gnutls-devel-0:1.4.1-3.el5_4.8.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-0:1.4.1-3.el5_4.8.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:gnutls-utils-0:1.4.1-3.el5_4.8.i386"
},
"product_reference": "gnutls-utils-0:1.4.1-3.el5_4.8.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-0:1.4.1-3.el5_4.8.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:gnutls-utils-0:1.4.1-3.el5_4.8.ia64"
},
"product_reference": "gnutls-utils-0:1.4.1-3.el5_4.8.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-0:1.4.1-3.el5_4.8.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:gnutls-utils-0:1.4.1-3.el5_4.8.ppc"
},
"product_reference": "gnutls-utils-0:1.4.1-3.el5_4.8.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-0:1.4.1-3.el5_4.8.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:gnutls-utils-0:1.4.1-3.el5_4.8.s390x"
},
"product_reference": "gnutls-utils-0:1.4.1-3.el5_4.8.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-0:1.4.1-3.el5_4.8.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:gnutls-utils-0:1.4.1-3.el5_4.8.x86_64"
},
"product_reference": "gnutls-utils-0:1.4.1-3.el5_4.8.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-3.el5_4.8.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:gnutls-0:1.4.1-3.el5_4.8.i386"
},
"product_reference": "gnutls-0:1.4.1-3.el5_4.8.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-3.el5_4.8.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:gnutls-0:1.4.1-3.el5_4.8.ia64"
},
"product_reference": "gnutls-0:1.4.1-3.el5_4.8.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-3.el5_4.8.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:gnutls-0:1.4.1-3.el5_4.8.ppc"
},
"product_reference": "gnutls-0:1.4.1-3.el5_4.8.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-3.el5_4.8.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:gnutls-0:1.4.1-3.el5_4.8.ppc64"
},
"product_reference": "gnutls-0:1.4.1-3.el5_4.8.ppc64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-3.el5_4.8.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:gnutls-0:1.4.1-3.el5_4.8.s390"
},
"product_reference": "gnutls-0:1.4.1-3.el5_4.8.s390",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-3.el5_4.8.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:gnutls-0:1.4.1-3.el5_4.8.s390x"
},
"product_reference": "gnutls-0:1.4.1-3.el5_4.8.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-3.el5_4.8.src as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:gnutls-0:1.4.1-3.el5_4.8.src"
},
"product_reference": "gnutls-0:1.4.1-3.el5_4.8.src",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-3.el5_4.8.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:gnutls-0:1.4.1-3.el5_4.8.x86_64"
},
"product_reference": "gnutls-0:1.4.1-3.el5_4.8.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.i386"
},
"product_reference": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ia64"
},
"product_reference": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc"
},
"product_reference": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc64"
},
"product_reference": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390"
},
"product_reference": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390x"
},
"product_reference": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.x86_64"
},
"product_reference": "gnutls-debuginfo-0:1.4.1-3.el5_4.8.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.4.1-3.el5_4.8.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:gnutls-devel-0:1.4.1-3.el5_4.8.i386"
},
"product_reference": "gnutls-devel-0:1.4.1-3.el5_4.8.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.4.1-3.el5_4.8.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:gnutls-devel-0:1.4.1-3.el5_4.8.ia64"
},
"product_reference": "gnutls-devel-0:1.4.1-3.el5_4.8.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.4.1-3.el5_4.8.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:gnutls-devel-0:1.4.1-3.el5_4.8.ppc"
},
"product_reference": "gnutls-devel-0:1.4.1-3.el5_4.8.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.4.1-3.el5_4.8.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:gnutls-devel-0:1.4.1-3.el5_4.8.ppc64"
},
"product_reference": "gnutls-devel-0:1.4.1-3.el5_4.8.ppc64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.4.1-3.el5_4.8.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:gnutls-devel-0:1.4.1-3.el5_4.8.s390"
},
"product_reference": "gnutls-devel-0:1.4.1-3.el5_4.8.s390",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.4.1-3.el5_4.8.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:gnutls-devel-0:1.4.1-3.el5_4.8.s390x"
},
"product_reference": "gnutls-devel-0:1.4.1-3.el5_4.8.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.4.1-3.el5_4.8.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:gnutls-devel-0:1.4.1-3.el5_4.8.x86_64"
},
"product_reference": "gnutls-devel-0:1.4.1-3.el5_4.8.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-0:1.4.1-3.el5_4.8.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:gnutls-utils-0:1.4.1-3.el5_4.8.i386"
},
"product_reference": "gnutls-utils-0:1.4.1-3.el5_4.8.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-0:1.4.1-3.el5_4.8.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:gnutls-utils-0:1.4.1-3.el5_4.8.ia64"
},
"product_reference": "gnutls-utils-0:1.4.1-3.el5_4.8.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-0:1.4.1-3.el5_4.8.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:gnutls-utils-0:1.4.1-3.el5_4.8.ppc"
},
"product_reference": "gnutls-utils-0:1.4.1-3.el5_4.8.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-0:1.4.1-3.el5_4.8.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:gnutls-utils-0:1.4.1-3.el5_4.8.s390x"
},
"product_reference": "gnutls-utils-0:1.4.1-3.el5_4.8.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-0:1.4.1-3.el5_4.8.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:gnutls-utils-0:1.4.1-3.el5_4.8.x86_64"
},
"product_reference": "gnutls-utils-0:1.4.1-3.el5_4.8.x86_64",
"relates_to_product_reference": "5Server"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2009-2409",
"discovery_date": "2009-02-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "510197"
}
],
"notes": [
{
"category": "description",
"text": "The Network Security Services (NSS) library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificates by using MD2 design flaws to generate a hash collision in less than brute-force time. NOTE: the scope of this issue is currently limited because the amount of computation required is still large.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "deprecate MD2 in SSL cert validation (Kaminsky)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.i386",
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.ia64",
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.ppc",
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.ppc64",
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.s390",
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.s390x",
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.src",
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.x86_64",
"5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.i386",
"5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ia64",
"5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc",
"5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc64",
"5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390",
"5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390x",
"5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.x86_64",
"5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.i386",
"5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.ia64",
"5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.ppc",
"5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.ppc64",
"5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.s390",
"5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.s390x",
"5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.x86_64",
"5Client-Workstation:gnutls-utils-0:1.4.1-3.el5_4.8.i386",
"5Client-Workstation:gnutls-utils-0:1.4.1-3.el5_4.8.ia64",
"5Client-Workstation:gnutls-utils-0:1.4.1-3.el5_4.8.ppc",
"5Client-Workstation:gnutls-utils-0:1.4.1-3.el5_4.8.s390x",
"5Client-Workstation:gnutls-utils-0:1.4.1-3.el5_4.8.x86_64",
"5Client:gnutls-0:1.4.1-3.el5_4.8.i386",
"5Client:gnutls-0:1.4.1-3.el5_4.8.ia64",
"5Client:gnutls-0:1.4.1-3.el5_4.8.ppc",
"5Client:gnutls-0:1.4.1-3.el5_4.8.ppc64",
"5Client:gnutls-0:1.4.1-3.el5_4.8.s390",
"5Client:gnutls-0:1.4.1-3.el5_4.8.s390x",
"5Client:gnutls-0:1.4.1-3.el5_4.8.src",
"5Client:gnutls-0:1.4.1-3.el5_4.8.x86_64",
"5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.i386",
"5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ia64",
"5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc",
"5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc64",
"5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390",
"5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390x",
"5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.x86_64",
"5Client:gnutls-devel-0:1.4.1-3.el5_4.8.i386",
"5Client:gnutls-devel-0:1.4.1-3.el5_4.8.ia64",
"5Client:gnutls-devel-0:1.4.1-3.el5_4.8.ppc",
"5Client:gnutls-devel-0:1.4.1-3.el5_4.8.ppc64",
"5Client:gnutls-devel-0:1.4.1-3.el5_4.8.s390",
"5Client:gnutls-devel-0:1.4.1-3.el5_4.8.s390x",
"5Client:gnutls-devel-0:1.4.1-3.el5_4.8.x86_64",
"5Client:gnutls-utils-0:1.4.1-3.el5_4.8.i386",
"5Client:gnutls-utils-0:1.4.1-3.el5_4.8.ia64",
"5Client:gnutls-utils-0:1.4.1-3.el5_4.8.ppc",
"5Client:gnutls-utils-0:1.4.1-3.el5_4.8.s390x",
"5Client:gnutls-utils-0:1.4.1-3.el5_4.8.x86_64",
"5Server:gnutls-0:1.4.1-3.el5_4.8.i386",
"5Server:gnutls-0:1.4.1-3.el5_4.8.ia64",
"5Server:gnutls-0:1.4.1-3.el5_4.8.ppc",
"5Server:gnutls-0:1.4.1-3.el5_4.8.ppc64",
"5Server:gnutls-0:1.4.1-3.el5_4.8.s390",
"5Server:gnutls-0:1.4.1-3.el5_4.8.s390x",
"5Server:gnutls-0:1.4.1-3.el5_4.8.src",
"5Server:gnutls-0:1.4.1-3.el5_4.8.x86_64",
"5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.i386",
"5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ia64",
"5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc",
"5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc64",
"5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390",
"5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390x",
"5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.x86_64",
"5Server:gnutls-devel-0:1.4.1-3.el5_4.8.i386",
"5Server:gnutls-devel-0:1.4.1-3.el5_4.8.ia64",
"5Server:gnutls-devel-0:1.4.1-3.el5_4.8.ppc",
"5Server:gnutls-devel-0:1.4.1-3.el5_4.8.ppc64",
"5Server:gnutls-devel-0:1.4.1-3.el5_4.8.s390",
"5Server:gnutls-devel-0:1.4.1-3.el5_4.8.s390x",
"5Server:gnutls-devel-0:1.4.1-3.el5_4.8.x86_64",
"5Server:gnutls-utils-0:1.4.1-3.el5_4.8.i386",
"5Server:gnutls-utils-0:1.4.1-3.el5_4.8.ia64",
"5Server:gnutls-utils-0:1.4.1-3.el5_4.8.ppc",
"5Server:gnutls-utils-0:1.4.1-3.el5_4.8.s390x",
"5Server:gnutls-utils-0:1.4.1-3.el5_4.8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-2409"
},
{
"category": "external",
"summary": "RHBZ#510197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=510197"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-2409",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2409"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2409",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2409"
}
],
"release_date": "2009-07-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-03-25T10:19:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.i386",
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.ia64",
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.ppc",
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.ppc64",
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.s390",
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.s390x",
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.src",
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.x86_64",
"5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.i386",
"5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ia64",
"5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc",
"5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc64",
"5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390",
"5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390x",
"5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.x86_64",
"5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.i386",
"5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.ia64",
"5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.ppc",
"5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.ppc64",
"5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.s390",
"5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.s390x",
"5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.x86_64",
"5Client-Workstation:gnutls-utils-0:1.4.1-3.el5_4.8.i386",
"5Client-Workstation:gnutls-utils-0:1.4.1-3.el5_4.8.ia64",
"5Client-Workstation:gnutls-utils-0:1.4.1-3.el5_4.8.ppc",
"5Client-Workstation:gnutls-utils-0:1.4.1-3.el5_4.8.s390x",
"5Client-Workstation:gnutls-utils-0:1.4.1-3.el5_4.8.x86_64",
"5Client:gnutls-0:1.4.1-3.el5_4.8.i386",
"5Client:gnutls-0:1.4.1-3.el5_4.8.ia64",
"5Client:gnutls-0:1.4.1-3.el5_4.8.ppc",
"5Client:gnutls-0:1.4.1-3.el5_4.8.ppc64",
"5Client:gnutls-0:1.4.1-3.el5_4.8.s390",
"5Client:gnutls-0:1.4.1-3.el5_4.8.s390x",
"5Client:gnutls-0:1.4.1-3.el5_4.8.src",
"5Client:gnutls-0:1.4.1-3.el5_4.8.x86_64",
"5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.i386",
"5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ia64",
"5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc",
"5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc64",
"5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390",
"5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390x",
"5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.x86_64",
"5Client:gnutls-devel-0:1.4.1-3.el5_4.8.i386",
"5Client:gnutls-devel-0:1.4.1-3.el5_4.8.ia64",
"5Client:gnutls-devel-0:1.4.1-3.el5_4.8.ppc",
"5Client:gnutls-devel-0:1.4.1-3.el5_4.8.ppc64",
"5Client:gnutls-devel-0:1.4.1-3.el5_4.8.s390",
"5Client:gnutls-devel-0:1.4.1-3.el5_4.8.s390x",
"5Client:gnutls-devel-0:1.4.1-3.el5_4.8.x86_64",
"5Client:gnutls-utils-0:1.4.1-3.el5_4.8.i386",
"5Client:gnutls-utils-0:1.4.1-3.el5_4.8.ia64",
"5Client:gnutls-utils-0:1.4.1-3.el5_4.8.ppc",
"5Client:gnutls-utils-0:1.4.1-3.el5_4.8.s390x",
"5Client:gnutls-utils-0:1.4.1-3.el5_4.8.x86_64",
"5Server:gnutls-0:1.4.1-3.el5_4.8.i386",
"5Server:gnutls-0:1.4.1-3.el5_4.8.ia64",
"5Server:gnutls-0:1.4.1-3.el5_4.8.ppc",
"5Server:gnutls-0:1.4.1-3.el5_4.8.ppc64",
"5Server:gnutls-0:1.4.1-3.el5_4.8.s390",
"5Server:gnutls-0:1.4.1-3.el5_4.8.s390x",
"5Server:gnutls-0:1.4.1-3.el5_4.8.src",
"5Server:gnutls-0:1.4.1-3.el5_4.8.x86_64",
"5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.i386",
"5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ia64",
"5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc",
"5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc64",
"5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390",
"5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390x",
"5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.x86_64",
"5Server:gnutls-devel-0:1.4.1-3.el5_4.8.i386",
"5Server:gnutls-devel-0:1.4.1-3.el5_4.8.ia64",
"5Server:gnutls-devel-0:1.4.1-3.el5_4.8.ppc",
"5Server:gnutls-devel-0:1.4.1-3.el5_4.8.ppc64",
"5Server:gnutls-devel-0:1.4.1-3.el5_4.8.s390",
"5Server:gnutls-devel-0:1.4.1-3.el5_4.8.s390x",
"5Server:gnutls-devel-0:1.4.1-3.el5_4.8.x86_64",
"5Server:gnutls-utils-0:1.4.1-3.el5_4.8.i386",
"5Server:gnutls-utils-0:1.4.1-3.el5_4.8.ia64",
"5Server:gnutls-utils-0:1.4.1-3.el5_4.8.ppc",
"5Server:gnutls-utils-0:1.4.1-3.el5_4.8.s390x",
"5Server:gnutls-utils-0:1.4.1-3.el5_4.8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0166"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.i386",
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.ia64",
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.ppc",
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.ppc64",
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.s390",
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.s390x",
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.src",
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.x86_64",
"5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.i386",
"5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ia64",
"5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc",
"5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc64",
"5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390",
"5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390x",
"5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.x86_64",
"5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.i386",
"5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.ia64",
"5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.ppc",
"5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.ppc64",
"5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.s390",
"5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.s390x",
"5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.x86_64",
"5Client-Workstation:gnutls-utils-0:1.4.1-3.el5_4.8.i386",
"5Client-Workstation:gnutls-utils-0:1.4.1-3.el5_4.8.ia64",
"5Client-Workstation:gnutls-utils-0:1.4.1-3.el5_4.8.ppc",
"5Client-Workstation:gnutls-utils-0:1.4.1-3.el5_4.8.s390x",
"5Client-Workstation:gnutls-utils-0:1.4.1-3.el5_4.8.x86_64",
"5Client:gnutls-0:1.4.1-3.el5_4.8.i386",
"5Client:gnutls-0:1.4.1-3.el5_4.8.ia64",
"5Client:gnutls-0:1.4.1-3.el5_4.8.ppc",
"5Client:gnutls-0:1.4.1-3.el5_4.8.ppc64",
"5Client:gnutls-0:1.4.1-3.el5_4.8.s390",
"5Client:gnutls-0:1.4.1-3.el5_4.8.s390x",
"5Client:gnutls-0:1.4.1-3.el5_4.8.src",
"5Client:gnutls-0:1.4.1-3.el5_4.8.x86_64",
"5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.i386",
"5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ia64",
"5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc",
"5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc64",
"5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390",
"5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390x",
"5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.x86_64",
"5Client:gnutls-devel-0:1.4.1-3.el5_4.8.i386",
"5Client:gnutls-devel-0:1.4.1-3.el5_4.8.ia64",
"5Client:gnutls-devel-0:1.4.1-3.el5_4.8.ppc",
"5Client:gnutls-devel-0:1.4.1-3.el5_4.8.ppc64",
"5Client:gnutls-devel-0:1.4.1-3.el5_4.8.s390",
"5Client:gnutls-devel-0:1.4.1-3.el5_4.8.s390x",
"5Client:gnutls-devel-0:1.4.1-3.el5_4.8.x86_64",
"5Client:gnutls-utils-0:1.4.1-3.el5_4.8.i386",
"5Client:gnutls-utils-0:1.4.1-3.el5_4.8.ia64",
"5Client:gnutls-utils-0:1.4.1-3.el5_4.8.ppc",
"5Client:gnutls-utils-0:1.4.1-3.el5_4.8.s390x",
"5Client:gnutls-utils-0:1.4.1-3.el5_4.8.x86_64",
"5Server:gnutls-0:1.4.1-3.el5_4.8.i386",
"5Server:gnutls-0:1.4.1-3.el5_4.8.ia64",
"5Server:gnutls-0:1.4.1-3.el5_4.8.ppc",
"5Server:gnutls-0:1.4.1-3.el5_4.8.ppc64",
"5Server:gnutls-0:1.4.1-3.el5_4.8.s390",
"5Server:gnutls-0:1.4.1-3.el5_4.8.s390x",
"5Server:gnutls-0:1.4.1-3.el5_4.8.src",
"5Server:gnutls-0:1.4.1-3.el5_4.8.x86_64",
"5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.i386",
"5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ia64",
"5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc",
"5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc64",
"5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390",
"5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390x",
"5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.x86_64",
"5Server:gnutls-devel-0:1.4.1-3.el5_4.8.i386",
"5Server:gnutls-devel-0:1.4.1-3.el5_4.8.ia64",
"5Server:gnutls-devel-0:1.4.1-3.el5_4.8.ppc",
"5Server:gnutls-devel-0:1.4.1-3.el5_4.8.ppc64",
"5Server:gnutls-devel-0:1.4.1-3.el5_4.8.s390",
"5Server:gnutls-devel-0:1.4.1-3.el5_4.8.s390x",
"5Server:gnutls-devel-0:1.4.1-3.el5_4.8.x86_64",
"5Server:gnutls-utils-0:1.4.1-3.el5_4.8.i386",
"5Server:gnutls-utils-0:1.4.1-3.el5_4.8.ia64",
"5Server:gnutls-utils-0:1.4.1-3.el5_4.8.ppc",
"5Server:gnutls-utils-0:1.4.1-3.el5_4.8.s390x",
"5Server:gnutls-utils-0:1.4.1-3.el5_4.8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "deprecate MD2 in SSL cert validation (Kaminsky)"
},
{
"cve": "CVE-2009-3555",
"cwe": {
"id": "CWE-300",
"name": "Channel Accessible by Non-Endpoint"
},
"discovery_date": "2009-10-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "533125"
}
],
"notes": [
{
"category": "description",
"text": "The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a \"plaintext injection\" attack, aka the \"Project Mogul\" issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "TLS: MITM attacks via session renegotiation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Additional information can be found in the Red Hat Knowledgebase article:\nhttps://access.redhat.com/articles/20490",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.i386",
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.ia64",
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.ppc",
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.ppc64",
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.s390",
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.s390x",
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.src",
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.x86_64",
"5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.i386",
"5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ia64",
"5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc",
"5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc64",
"5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390",
"5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390x",
"5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.x86_64",
"5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.i386",
"5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.ia64",
"5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.ppc",
"5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.ppc64",
"5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.s390",
"5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.s390x",
"5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.x86_64",
"5Client-Workstation:gnutls-utils-0:1.4.1-3.el5_4.8.i386",
"5Client-Workstation:gnutls-utils-0:1.4.1-3.el5_4.8.ia64",
"5Client-Workstation:gnutls-utils-0:1.4.1-3.el5_4.8.ppc",
"5Client-Workstation:gnutls-utils-0:1.4.1-3.el5_4.8.s390x",
"5Client-Workstation:gnutls-utils-0:1.4.1-3.el5_4.8.x86_64",
"5Client:gnutls-0:1.4.1-3.el5_4.8.i386",
"5Client:gnutls-0:1.4.1-3.el5_4.8.ia64",
"5Client:gnutls-0:1.4.1-3.el5_4.8.ppc",
"5Client:gnutls-0:1.4.1-3.el5_4.8.ppc64",
"5Client:gnutls-0:1.4.1-3.el5_4.8.s390",
"5Client:gnutls-0:1.4.1-3.el5_4.8.s390x",
"5Client:gnutls-0:1.4.1-3.el5_4.8.src",
"5Client:gnutls-0:1.4.1-3.el5_4.8.x86_64",
"5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.i386",
"5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ia64",
"5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc",
"5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc64",
"5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390",
"5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390x",
"5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.x86_64",
"5Client:gnutls-devel-0:1.4.1-3.el5_4.8.i386",
"5Client:gnutls-devel-0:1.4.1-3.el5_4.8.ia64",
"5Client:gnutls-devel-0:1.4.1-3.el5_4.8.ppc",
"5Client:gnutls-devel-0:1.4.1-3.el5_4.8.ppc64",
"5Client:gnutls-devel-0:1.4.1-3.el5_4.8.s390",
"5Client:gnutls-devel-0:1.4.1-3.el5_4.8.s390x",
"5Client:gnutls-devel-0:1.4.1-3.el5_4.8.x86_64",
"5Client:gnutls-utils-0:1.4.1-3.el5_4.8.i386",
"5Client:gnutls-utils-0:1.4.1-3.el5_4.8.ia64",
"5Client:gnutls-utils-0:1.4.1-3.el5_4.8.ppc",
"5Client:gnutls-utils-0:1.4.1-3.el5_4.8.s390x",
"5Client:gnutls-utils-0:1.4.1-3.el5_4.8.x86_64",
"5Server:gnutls-0:1.4.1-3.el5_4.8.i386",
"5Server:gnutls-0:1.4.1-3.el5_4.8.ia64",
"5Server:gnutls-0:1.4.1-3.el5_4.8.ppc",
"5Server:gnutls-0:1.4.1-3.el5_4.8.ppc64",
"5Server:gnutls-0:1.4.1-3.el5_4.8.s390",
"5Server:gnutls-0:1.4.1-3.el5_4.8.s390x",
"5Server:gnutls-0:1.4.1-3.el5_4.8.src",
"5Server:gnutls-0:1.4.1-3.el5_4.8.x86_64",
"5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.i386",
"5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ia64",
"5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc",
"5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc64",
"5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390",
"5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390x",
"5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.x86_64",
"5Server:gnutls-devel-0:1.4.1-3.el5_4.8.i386",
"5Server:gnutls-devel-0:1.4.1-3.el5_4.8.ia64",
"5Server:gnutls-devel-0:1.4.1-3.el5_4.8.ppc",
"5Server:gnutls-devel-0:1.4.1-3.el5_4.8.ppc64",
"5Server:gnutls-devel-0:1.4.1-3.el5_4.8.s390",
"5Server:gnutls-devel-0:1.4.1-3.el5_4.8.s390x",
"5Server:gnutls-devel-0:1.4.1-3.el5_4.8.x86_64",
"5Server:gnutls-utils-0:1.4.1-3.el5_4.8.i386",
"5Server:gnutls-utils-0:1.4.1-3.el5_4.8.ia64",
"5Server:gnutls-utils-0:1.4.1-3.el5_4.8.ppc",
"5Server:gnutls-utils-0:1.4.1-3.el5_4.8.s390x",
"5Server:gnutls-utils-0:1.4.1-3.el5_4.8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-3555"
},
{
"category": "external",
"summary": "RHBZ#533125",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=533125"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-3555",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3555"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3555",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3555"
}
],
"release_date": "2009-11-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-03-25T10:19:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.i386",
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.ia64",
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.ppc",
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.ppc64",
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.s390",
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.s390x",
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.src",
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.x86_64",
"5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.i386",
"5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ia64",
"5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc",
"5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc64",
"5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390",
"5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390x",
"5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.x86_64",
"5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.i386",
"5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.ia64",
"5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.ppc",
"5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.ppc64",
"5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.s390",
"5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.s390x",
"5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.x86_64",
"5Client-Workstation:gnutls-utils-0:1.4.1-3.el5_4.8.i386",
"5Client-Workstation:gnutls-utils-0:1.4.1-3.el5_4.8.ia64",
"5Client-Workstation:gnutls-utils-0:1.4.1-3.el5_4.8.ppc",
"5Client-Workstation:gnutls-utils-0:1.4.1-3.el5_4.8.s390x",
"5Client-Workstation:gnutls-utils-0:1.4.1-3.el5_4.8.x86_64",
"5Client:gnutls-0:1.4.1-3.el5_4.8.i386",
"5Client:gnutls-0:1.4.1-3.el5_4.8.ia64",
"5Client:gnutls-0:1.4.1-3.el5_4.8.ppc",
"5Client:gnutls-0:1.4.1-3.el5_4.8.ppc64",
"5Client:gnutls-0:1.4.1-3.el5_4.8.s390",
"5Client:gnutls-0:1.4.1-3.el5_4.8.s390x",
"5Client:gnutls-0:1.4.1-3.el5_4.8.src",
"5Client:gnutls-0:1.4.1-3.el5_4.8.x86_64",
"5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.i386",
"5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ia64",
"5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc",
"5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc64",
"5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390",
"5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390x",
"5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.x86_64",
"5Client:gnutls-devel-0:1.4.1-3.el5_4.8.i386",
"5Client:gnutls-devel-0:1.4.1-3.el5_4.8.ia64",
"5Client:gnutls-devel-0:1.4.1-3.el5_4.8.ppc",
"5Client:gnutls-devel-0:1.4.1-3.el5_4.8.ppc64",
"5Client:gnutls-devel-0:1.4.1-3.el5_4.8.s390",
"5Client:gnutls-devel-0:1.4.1-3.el5_4.8.s390x",
"5Client:gnutls-devel-0:1.4.1-3.el5_4.8.x86_64",
"5Client:gnutls-utils-0:1.4.1-3.el5_4.8.i386",
"5Client:gnutls-utils-0:1.4.1-3.el5_4.8.ia64",
"5Client:gnutls-utils-0:1.4.1-3.el5_4.8.ppc",
"5Client:gnutls-utils-0:1.4.1-3.el5_4.8.s390x",
"5Client:gnutls-utils-0:1.4.1-3.el5_4.8.x86_64",
"5Server:gnutls-0:1.4.1-3.el5_4.8.i386",
"5Server:gnutls-0:1.4.1-3.el5_4.8.ia64",
"5Server:gnutls-0:1.4.1-3.el5_4.8.ppc",
"5Server:gnutls-0:1.4.1-3.el5_4.8.ppc64",
"5Server:gnutls-0:1.4.1-3.el5_4.8.s390",
"5Server:gnutls-0:1.4.1-3.el5_4.8.s390x",
"5Server:gnutls-0:1.4.1-3.el5_4.8.src",
"5Server:gnutls-0:1.4.1-3.el5_4.8.x86_64",
"5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.i386",
"5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ia64",
"5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc",
"5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc64",
"5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390",
"5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390x",
"5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.x86_64",
"5Server:gnutls-devel-0:1.4.1-3.el5_4.8.i386",
"5Server:gnutls-devel-0:1.4.1-3.el5_4.8.ia64",
"5Server:gnutls-devel-0:1.4.1-3.el5_4.8.ppc",
"5Server:gnutls-devel-0:1.4.1-3.el5_4.8.ppc64",
"5Server:gnutls-devel-0:1.4.1-3.el5_4.8.s390",
"5Server:gnutls-devel-0:1.4.1-3.el5_4.8.s390x",
"5Server:gnutls-devel-0:1.4.1-3.el5_4.8.x86_64",
"5Server:gnutls-utils-0:1.4.1-3.el5_4.8.i386",
"5Server:gnutls-utils-0:1.4.1-3.el5_4.8.ia64",
"5Server:gnutls-utils-0:1.4.1-3.el5_4.8.ppc",
"5Server:gnutls-utils-0:1.4.1-3.el5_4.8.s390x",
"5Server:gnutls-utils-0:1.4.1-3.el5_4.8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0166"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.i386",
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.ia64",
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.ppc",
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.ppc64",
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.s390",
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.s390x",
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.src",
"5Client-Workstation:gnutls-0:1.4.1-3.el5_4.8.x86_64",
"5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.i386",
"5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ia64",
"5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc",
"5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc64",
"5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390",
"5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390x",
"5Client-Workstation:gnutls-debuginfo-0:1.4.1-3.el5_4.8.x86_64",
"5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.i386",
"5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.ia64",
"5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.ppc",
"5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.ppc64",
"5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.s390",
"5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.s390x",
"5Client-Workstation:gnutls-devel-0:1.4.1-3.el5_4.8.x86_64",
"5Client-Workstation:gnutls-utils-0:1.4.1-3.el5_4.8.i386",
"5Client-Workstation:gnutls-utils-0:1.4.1-3.el5_4.8.ia64",
"5Client-Workstation:gnutls-utils-0:1.4.1-3.el5_4.8.ppc",
"5Client-Workstation:gnutls-utils-0:1.4.1-3.el5_4.8.s390x",
"5Client-Workstation:gnutls-utils-0:1.4.1-3.el5_4.8.x86_64",
"5Client:gnutls-0:1.4.1-3.el5_4.8.i386",
"5Client:gnutls-0:1.4.1-3.el5_4.8.ia64",
"5Client:gnutls-0:1.4.1-3.el5_4.8.ppc",
"5Client:gnutls-0:1.4.1-3.el5_4.8.ppc64",
"5Client:gnutls-0:1.4.1-3.el5_4.8.s390",
"5Client:gnutls-0:1.4.1-3.el5_4.8.s390x",
"5Client:gnutls-0:1.4.1-3.el5_4.8.src",
"5Client:gnutls-0:1.4.1-3.el5_4.8.x86_64",
"5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.i386",
"5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ia64",
"5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc",
"5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc64",
"5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390",
"5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390x",
"5Client:gnutls-debuginfo-0:1.4.1-3.el5_4.8.x86_64",
"5Client:gnutls-devel-0:1.4.1-3.el5_4.8.i386",
"5Client:gnutls-devel-0:1.4.1-3.el5_4.8.ia64",
"5Client:gnutls-devel-0:1.4.1-3.el5_4.8.ppc",
"5Client:gnutls-devel-0:1.4.1-3.el5_4.8.ppc64",
"5Client:gnutls-devel-0:1.4.1-3.el5_4.8.s390",
"5Client:gnutls-devel-0:1.4.1-3.el5_4.8.s390x",
"5Client:gnutls-devel-0:1.4.1-3.el5_4.8.x86_64",
"5Client:gnutls-utils-0:1.4.1-3.el5_4.8.i386",
"5Client:gnutls-utils-0:1.4.1-3.el5_4.8.ia64",
"5Client:gnutls-utils-0:1.4.1-3.el5_4.8.ppc",
"5Client:gnutls-utils-0:1.4.1-3.el5_4.8.s390x",
"5Client:gnutls-utils-0:1.4.1-3.el5_4.8.x86_64",
"5Server:gnutls-0:1.4.1-3.el5_4.8.i386",
"5Server:gnutls-0:1.4.1-3.el5_4.8.ia64",
"5Server:gnutls-0:1.4.1-3.el5_4.8.ppc",
"5Server:gnutls-0:1.4.1-3.el5_4.8.ppc64",
"5Server:gnutls-0:1.4.1-3.el5_4.8.s390",
"5Server:gnutls-0:1.4.1-3.el5_4.8.s390x",
"5Server:gnutls-0:1.4.1-3.el5_4.8.src",
"5Server:gnutls-0:1.4.1-3.el5_4.8.x86_64",
"5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.i386",
"5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ia64",
"5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc",
"5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.ppc64",
"5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390",
"5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.s390x",
"5Server:gnutls-debuginfo-0:1.4.1-3.el5_4.8.x86_64",
"5Server:gnutls-devel-0:1.4.1-3.el5_4.8.i386",
"5Server:gnutls-devel-0:1.4.1-3.el5_4.8.ia64",
"5Server:gnutls-devel-0:1.4.1-3.el5_4.8.ppc",
"5Server:gnutls-devel-0:1.4.1-3.el5_4.8.ppc64",
"5Server:gnutls-devel-0:1.4.1-3.el5_4.8.s390",
"5Server:gnutls-devel-0:1.4.1-3.el5_4.8.s390x",
"5Server:gnutls-devel-0:1.4.1-3.el5_4.8.x86_64",
"5Server:gnutls-utils-0:1.4.1-3.el5_4.8.i386",
"5Server:gnutls-utils-0:1.4.1-3.el5_4.8.ia64",
"5Server:gnutls-utils-0:1.4.1-3.el5_4.8.ppc",
"5Server:gnutls-utils-0:1.4.1-3.el5_4.8.s390x",
"5Server:gnutls-utils-0:1.4.1-3.el5_4.8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "TLS: MITM attacks via session renegotiation"
}
]
}
RHSA-2010:0167
Vulnerability from csaf_redhat - Published: 2010-03-25 10:31 - Updated: 2026-05-27 17:13Summary
Red Hat Security Advisory: gnutls security update
Severity
Moderate
Notes
Topic: Updated gnutls packages that fix two security issues are now available for
Red Hat Enterprise Linux 4.
The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details: The GnuTLS library provides support for cryptographic algorithms and for
protocols such as Transport Layer Security (TLS).
A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure
Sockets Layer) protocols handled session renegotiation. A man-in-the-middle
attacker could use this flaw to prefix arbitrary plain text to a client's
session (for example, an HTTPS connection to a website). This could force
the server to process an attacker's request as if authenticated using the
victim's credentials. This update addresses this flaw by implementing the
TLS Renegotiation Indication Extension, as defined in RFC 5746.
(CVE-2009-3555)
Refer to the following Knowledgebase article for additional details about
the CVE-2009-3555 flaw: http://kbase.redhat.com/faq/docs/DOC-20491
A flaw was found in the way GnuTLS extracted serial numbers from X.509
certificates. On 64-bit big endian platforms, this flaw could cause the
certificate revocation list (CRL) check to be bypassed; cause various
GnuTLS utilities to crash; or, possibly, execute arbitrary code.
(CVE-2010-0731)
Users of GnuTLS are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. For the update to take
effect, all applications linked to the GnuTLS library must be restarted, or
the system rebooted.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.
4.3 ()
Affected products
Fixed
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS:gnutls-0:1.0.20-4.el4_8.7.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gnutls-0:1.0.20-4.el4_8.7.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gnutls-0:1.0.20-4.el4_8.7.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gnutls-0:1.0.20-4.el4_8.7.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gnutls-0:1.0.20-4.el4_8.7.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gnutls-0:1.0.20-4.el4_8.7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gnutls-0:1.0.20-4.el4_8.7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gnutls-0:1.0.20-4.el4_8.7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gnutls-devel-0:1.0.20-4.el4_8.7.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gnutls-devel-0:1.0.20-4.el4_8.7.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gnutls-devel-0:1.0.20-4.el4_8.7.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gnutls-devel-0:1.0.20-4.el4_8.7.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gnutls-devel-0:1.0.20-4.el4_8.7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gnutls-devel-0:1.0.20-4.el4_8.7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gnutls-0:1.0.20-4.el4_8.7.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gnutls-0:1.0.20-4.el4_8.7.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gnutls-0:1.0.20-4.el4_8.7.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gnutls-0:1.0.20-4.el4_8.7.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gnutls-0:1.0.20-4.el4_8.7.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gnutls-0:1.0.20-4.el4_8.7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gnutls-0:1.0.20-4.el4_8.7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gnutls-0:1.0.20-4.el4_8.7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gnutls-0:1.0.20-4.el4_8.7.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gnutls-0:1.0.20-4.el4_8.7.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gnutls-0:1.0.20-4.el4_8.7.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gnutls-0:1.0.20-4.el4_8.7.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gnutls-0:1.0.20-4.el4_8.7.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gnutls-0:1.0.20-4.el4_8.7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gnutls-0:1.0.20-4.el4_8.7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gnutls-0:1.0.20-4.el4_8.7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gnutls-devel-0:1.0.20-4.el4_8.7.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gnutls-devel-0:1.0.20-4.el4_8.7.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gnutls-devel-0:1.0.20-4.el4_8.7.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gnutls-devel-0:1.0.20-4.el4_8.7.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gnutls-devel-0:1.0.20-4.el4_8.7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gnutls-devel-0:1.0.20-4.el4_8.7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gnutls-0:1.0.20-4.el4_8.7.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gnutls-0:1.0.20-4.el4_8.7.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gnutls-0:1.0.20-4.el4_8.7.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gnutls-0:1.0.20-4.el4_8.7.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gnutls-0:1.0.20-4.el4_8.7.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gnutls-0:1.0.20-4.el4_8.7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gnutls-0:1.0.20-4.el4_8.7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gnutls-0:1.0.20-4.el4_8.7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gnutls-devel-0:1.0.20-4.el4_8.7.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gnutls-devel-0:1.0.20-4.el4_8.7.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gnutls-devel-0:1.0.20-4.el4_8.7.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gnutls-devel-0:1.0.20-4.el4_8.7.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gnutls-devel-0:1.0.20-4.el4_8.7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gnutls-devel-0:1.0.20-4.el4_8.7.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
The gnutls_x509_crt_get_serial function in the GnuTLS library before 1.2.1, when running on big-endian, 64-bit platforms, calls the asn1_read_value with a pointer to the wrong data type and the wrong length value, which allows remote attackers to bypass the certificate revocation list (CRL) check and cause a stack-based buffer overflow via a crafted X.509 certificate, related to extraction of a serial number.
5.0 ()
Affected products
Fixed
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS:gnutls-0:1.0.20-4.el4_8.7.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gnutls-0:1.0.20-4.el4_8.7.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gnutls-0:1.0.20-4.el4_8.7.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gnutls-0:1.0.20-4.el4_8.7.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gnutls-0:1.0.20-4.el4_8.7.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gnutls-0:1.0.20-4.el4_8.7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gnutls-0:1.0.20-4.el4_8.7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gnutls-0:1.0.20-4.el4_8.7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gnutls-devel-0:1.0.20-4.el4_8.7.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gnutls-devel-0:1.0.20-4.el4_8.7.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gnutls-devel-0:1.0.20-4.el4_8.7.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gnutls-devel-0:1.0.20-4.el4_8.7.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gnutls-devel-0:1.0.20-4.el4_8.7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gnutls-devel-0:1.0.20-4.el4_8.7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gnutls-0:1.0.20-4.el4_8.7.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gnutls-0:1.0.20-4.el4_8.7.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gnutls-0:1.0.20-4.el4_8.7.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gnutls-0:1.0.20-4.el4_8.7.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gnutls-0:1.0.20-4.el4_8.7.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gnutls-0:1.0.20-4.el4_8.7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gnutls-0:1.0.20-4.el4_8.7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gnutls-0:1.0.20-4.el4_8.7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gnutls-0:1.0.20-4.el4_8.7.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gnutls-0:1.0.20-4.el4_8.7.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gnutls-0:1.0.20-4.el4_8.7.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gnutls-0:1.0.20-4.el4_8.7.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gnutls-0:1.0.20-4.el4_8.7.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gnutls-0:1.0.20-4.el4_8.7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gnutls-0:1.0.20-4.el4_8.7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gnutls-0:1.0.20-4.el4_8.7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gnutls-devel-0:1.0.20-4.el4_8.7.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gnutls-devel-0:1.0.20-4.el4_8.7.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gnutls-devel-0:1.0.20-4.el4_8.7.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gnutls-devel-0:1.0.20-4.el4_8.7.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gnutls-devel-0:1.0.20-4.el4_8.7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gnutls-devel-0:1.0.20-4.el4_8.7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gnutls-0:1.0.20-4.el4_8.7.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gnutls-0:1.0.20-4.el4_8.7.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gnutls-0:1.0.20-4.el4_8.7.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gnutls-0:1.0.20-4.el4_8.7.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gnutls-0:1.0.20-4.el4_8.7.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gnutls-0:1.0.20-4.el4_8.7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gnutls-0:1.0.20-4.el4_8.7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gnutls-0:1.0.20-4.el4_8.7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gnutls-devel-0:1.0.20-4.el4_8.7.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gnutls-devel-0:1.0.20-4.el4_8.7.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gnutls-devel-0:1.0.20-4.el4_8.7.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gnutls-devel-0:1.0.20-4.el4_8.7.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gnutls-devel-0:1.0.20-4.el4_8.7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gnutls-devel-0:1.0.20-4.el4_8.7.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
14 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated gnutls packages that fix two security issues are now available for\nRed Hat Enterprise Linux 4.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The GnuTLS library provides support for cryptographic algorithms and for\nprotocols such as Transport Layer Security (TLS).\n\nA flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\nSockets Layer) protocols handled session renegotiation. A man-in-the-middle\nattacker could use this flaw to prefix arbitrary plain text to a client\u0027s\nsession (for example, an HTTPS connection to a website). This could force\nthe server to process an attacker\u0027s request as if authenticated using the\nvictim\u0027s credentials. This update addresses this flaw by implementing the\nTLS Renegotiation Indication Extension, as defined in RFC 5746.\n(CVE-2009-3555)\n\nRefer to the following Knowledgebase article for additional details about\nthe CVE-2009-3555 flaw: http://kbase.redhat.com/faq/docs/DOC-20491\n\nA flaw was found in the way GnuTLS extracted serial numbers from X.509\ncertificates. On 64-bit big endian platforms, this flaw could cause the\ncertificate revocation list (CRL) check to be bypassed; cause various\nGnuTLS utilities to crash; or, possibly, execute arbitrary code.\n(CVE-2010-0731)\n\nUsers of GnuTLS are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. For the update to take\neffect, all applications linked to the GnuTLS library must be restarted, or\nthe system rebooted.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2010:0167",
"url": "https://access.redhat.com/errata/RHSA-2010:0167"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "http://kbase.redhat.com/faq/docs/DOC-20491",
"url": "http://kbase.redhat.com/faq/docs/DOC-20491"
},
{
"category": "external",
"summary": "533125",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=533125"
},
{
"category": "external",
"summary": "573028",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=573028"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2010/rhsa-2010_0167.json"
}
],
"title": "Red Hat Security Advisory: gnutls security update",
"tracking": {
"current_release_date": "2026-05-27T17:13:57+00:00",
"generator": {
"date": "2026-05-27T17:13:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2010:0167",
"initial_release_date": "2010-03-25T10:31:00+00:00",
"revision_history": [
{
"date": "2010-03-25T10:31:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2010-03-25T06:38:43+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-27T17:13:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4",
"product": {
"name": "Red Hat Enterprise Linux AS version 4",
"product_id": "4AS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::as"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop version 4",
"product": {
"name": "Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::desktop"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4",
"product": {
"name": "Red Hat Enterprise Linux ES version 4",
"product_id": "4ES",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::es"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4",
"product": {
"name": "Red Hat Enterprise Linux WS version 4",
"product_id": "4WS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::ws"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "gnutls-0:1.0.20-4.el4_8.7.ia64",
"product": {
"name": "gnutls-0:1.0.20-4.el4_8.7.ia64",
"product_id": "gnutls-0:1.0.20-4.el4_8.7.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls@1.0.20-4.el4_8.7?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64",
"product": {
"name": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64",
"product_id": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-debuginfo@1.0.20-4.el4_8.7?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "gnutls-devel-0:1.0.20-4.el4_8.7.ia64",
"product": {
"name": "gnutls-devel-0:1.0.20-4.el4_8.7.ia64",
"product_id": "gnutls-devel-0:1.0.20-4.el4_8.7.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-devel@1.0.20-4.el4_8.7?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnutls-0:1.0.20-4.el4_8.7.i386",
"product": {
"name": "gnutls-0:1.0.20-4.el4_8.7.i386",
"product_id": "gnutls-0:1.0.20-4.el4_8.7.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls@1.0.20-4.el4_8.7?arch=i386"
}
}
},
{
"category": "product_version",
"name": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386",
"product": {
"name": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386",
"product_id": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-debuginfo@1.0.20-4.el4_8.7?arch=i386"
}
}
},
{
"category": "product_version",
"name": "gnutls-devel-0:1.0.20-4.el4_8.7.i386",
"product": {
"name": "gnutls-devel-0:1.0.20-4.el4_8.7.i386",
"product_id": "gnutls-devel-0:1.0.20-4.el4_8.7.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-devel@1.0.20-4.el4_8.7?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "gnutls-0:1.0.20-4.el4_8.7.src",
"product": {
"name": "gnutls-0:1.0.20-4.el4_8.7.src",
"product_id": "gnutls-0:1.0.20-4.el4_8.7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls@1.0.20-4.el4_8.7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "gnutls-0:1.0.20-4.el4_8.7.x86_64",
"product": {
"name": "gnutls-0:1.0.20-4.el4_8.7.x86_64",
"product_id": "gnutls-0:1.0.20-4.el4_8.7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls@1.0.20-4.el4_8.7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64",
"product": {
"name": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64",
"product_id": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-debuginfo@1.0.20-4.el4_8.7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnutls-devel-0:1.0.20-4.el4_8.7.x86_64",
"product": {
"name": "gnutls-devel-0:1.0.20-4.el4_8.7.x86_64",
"product_id": "gnutls-devel-0:1.0.20-4.el4_8.7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-devel@1.0.20-4.el4_8.7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnutls-0:1.0.20-4.el4_8.7.ppc64",
"product": {
"name": "gnutls-0:1.0.20-4.el4_8.7.ppc64",
"product_id": "gnutls-0:1.0.20-4.el4_8.7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls@1.0.20-4.el4_8.7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64",
"product": {
"name": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64",
"product_id": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-debuginfo@1.0.20-4.el4_8.7?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnutls-0:1.0.20-4.el4_8.7.ppc",
"product": {
"name": "gnutls-0:1.0.20-4.el4_8.7.ppc",
"product_id": "gnutls-0:1.0.20-4.el4_8.7.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls@1.0.20-4.el4_8.7?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc",
"product": {
"name": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc",
"product_id": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-debuginfo@1.0.20-4.el4_8.7?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "gnutls-devel-0:1.0.20-4.el4_8.7.ppc",
"product": {
"name": "gnutls-devel-0:1.0.20-4.el4_8.7.ppc",
"product_id": "gnutls-devel-0:1.0.20-4.el4_8.7.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-devel@1.0.20-4.el4_8.7?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "gnutls-0:1.0.20-4.el4_8.7.s390x",
"product": {
"name": "gnutls-0:1.0.20-4.el4_8.7.s390x",
"product_id": "gnutls-0:1.0.20-4.el4_8.7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls@1.0.20-4.el4_8.7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x",
"product": {
"name": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x",
"product_id": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-debuginfo@1.0.20-4.el4_8.7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnutls-devel-0:1.0.20-4.el4_8.7.s390x",
"product": {
"name": "gnutls-devel-0:1.0.20-4.el4_8.7.s390x",
"product_id": "gnutls-devel-0:1.0.20-4.el4_8.7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-devel@1.0.20-4.el4_8.7?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "gnutls-0:1.0.20-4.el4_8.7.s390",
"product": {
"name": "gnutls-0:1.0.20-4.el4_8.7.s390",
"product_id": "gnutls-0:1.0.20-4.el4_8.7.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls@1.0.20-4.el4_8.7?arch=s390"
}
}
},
{
"category": "product_version",
"name": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390",
"product": {
"name": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390",
"product_id": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-debuginfo@1.0.20-4.el4_8.7?arch=s390"
}
}
},
{
"category": "product_version",
"name": "gnutls-devel-0:1.0.20-4.el4_8.7.s390",
"product": {
"name": "gnutls-devel-0:1.0.20-4.el4_8.7.s390",
"product_id": "gnutls-devel-0:1.0.20-4.el4_8.7.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-devel@1.0.20-4.el4_8.7?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.0.20-4.el4_8.7.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gnutls-0:1.0.20-4.el4_8.7.i386"
},
"product_reference": "gnutls-0:1.0.20-4.el4_8.7.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.0.20-4.el4_8.7.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gnutls-0:1.0.20-4.el4_8.7.ia64"
},
"product_reference": "gnutls-0:1.0.20-4.el4_8.7.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.0.20-4.el4_8.7.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gnutls-0:1.0.20-4.el4_8.7.ppc"
},
"product_reference": "gnutls-0:1.0.20-4.el4_8.7.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.0.20-4.el4_8.7.ppc64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gnutls-0:1.0.20-4.el4_8.7.ppc64"
},
"product_reference": "gnutls-0:1.0.20-4.el4_8.7.ppc64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.0.20-4.el4_8.7.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gnutls-0:1.0.20-4.el4_8.7.s390"
},
"product_reference": "gnutls-0:1.0.20-4.el4_8.7.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.0.20-4.el4_8.7.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gnutls-0:1.0.20-4.el4_8.7.s390x"
},
"product_reference": "gnutls-0:1.0.20-4.el4_8.7.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.0.20-4.el4_8.7.src as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gnutls-0:1.0.20-4.el4_8.7.src"
},
"product_reference": "gnutls-0:1.0.20-4.el4_8.7.src",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.0.20-4.el4_8.7.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gnutls-0:1.0.20-4.el4_8.7.x86_64"
},
"product_reference": "gnutls-0:1.0.20-4.el4_8.7.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386"
},
"product_reference": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64"
},
"product_reference": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc"
},
"product_reference": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64"
},
"product_reference": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390"
},
"product_reference": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x"
},
"product_reference": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64"
},
"product_reference": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.0.20-4.el4_8.7.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gnutls-devel-0:1.0.20-4.el4_8.7.i386"
},
"product_reference": "gnutls-devel-0:1.0.20-4.el4_8.7.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.0.20-4.el4_8.7.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gnutls-devel-0:1.0.20-4.el4_8.7.ia64"
},
"product_reference": "gnutls-devel-0:1.0.20-4.el4_8.7.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.0.20-4.el4_8.7.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gnutls-devel-0:1.0.20-4.el4_8.7.ppc"
},
"product_reference": "gnutls-devel-0:1.0.20-4.el4_8.7.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.0.20-4.el4_8.7.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gnutls-devel-0:1.0.20-4.el4_8.7.s390"
},
"product_reference": "gnutls-devel-0:1.0.20-4.el4_8.7.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.0.20-4.el4_8.7.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gnutls-devel-0:1.0.20-4.el4_8.7.s390x"
},
"product_reference": "gnutls-devel-0:1.0.20-4.el4_8.7.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.0.20-4.el4_8.7.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gnutls-devel-0:1.0.20-4.el4_8.7.x86_64"
},
"product_reference": "gnutls-devel-0:1.0.20-4.el4_8.7.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.0.20-4.el4_8.7.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gnutls-0:1.0.20-4.el4_8.7.i386"
},
"product_reference": "gnutls-0:1.0.20-4.el4_8.7.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.0.20-4.el4_8.7.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gnutls-0:1.0.20-4.el4_8.7.ia64"
},
"product_reference": "gnutls-0:1.0.20-4.el4_8.7.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.0.20-4.el4_8.7.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gnutls-0:1.0.20-4.el4_8.7.ppc"
},
"product_reference": "gnutls-0:1.0.20-4.el4_8.7.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.0.20-4.el4_8.7.ppc64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gnutls-0:1.0.20-4.el4_8.7.ppc64"
},
"product_reference": "gnutls-0:1.0.20-4.el4_8.7.ppc64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.0.20-4.el4_8.7.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gnutls-0:1.0.20-4.el4_8.7.s390"
},
"product_reference": "gnutls-0:1.0.20-4.el4_8.7.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.0.20-4.el4_8.7.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gnutls-0:1.0.20-4.el4_8.7.s390x"
},
"product_reference": "gnutls-0:1.0.20-4.el4_8.7.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.0.20-4.el4_8.7.src as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gnutls-0:1.0.20-4.el4_8.7.src"
},
"product_reference": "gnutls-0:1.0.20-4.el4_8.7.src",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.0.20-4.el4_8.7.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gnutls-0:1.0.20-4.el4_8.7.x86_64"
},
"product_reference": "gnutls-0:1.0.20-4.el4_8.7.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386"
},
"product_reference": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64"
},
"product_reference": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc"
},
"product_reference": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64"
},
"product_reference": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390"
},
"product_reference": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x"
},
"product_reference": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64"
},
"product_reference": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.0.20-4.el4_8.7.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.i386"
},
"product_reference": "gnutls-devel-0:1.0.20-4.el4_8.7.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.0.20-4.el4_8.7.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.ia64"
},
"product_reference": "gnutls-devel-0:1.0.20-4.el4_8.7.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.0.20-4.el4_8.7.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.ppc"
},
"product_reference": "gnutls-devel-0:1.0.20-4.el4_8.7.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.0.20-4.el4_8.7.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.s390"
},
"product_reference": "gnutls-devel-0:1.0.20-4.el4_8.7.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.0.20-4.el4_8.7.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.s390x"
},
"product_reference": "gnutls-devel-0:1.0.20-4.el4_8.7.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.0.20-4.el4_8.7.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.x86_64"
},
"product_reference": "gnutls-devel-0:1.0.20-4.el4_8.7.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.0.20-4.el4_8.7.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gnutls-0:1.0.20-4.el4_8.7.i386"
},
"product_reference": "gnutls-0:1.0.20-4.el4_8.7.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.0.20-4.el4_8.7.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gnutls-0:1.0.20-4.el4_8.7.ia64"
},
"product_reference": "gnutls-0:1.0.20-4.el4_8.7.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.0.20-4.el4_8.7.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gnutls-0:1.0.20-4.el4_8.7.ppc"
},
"product_reference": "gnutls-0:1.0.20-4.el4_8.7.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.0.20-4.el4_8.7.ppc64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gnutls-0:1.0.20-4.el4_8.7.ppc64"
},
"product_reference": "gnutls-0:1.0.20-4.el4_8.7.ppc64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.0.20-4.el4_8.7.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gnutls-0:1.0.20-4.el4_8.7.s390"
},
"product_reference": "gnutls-0:1.0.20-4.el4_8.7.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.0.20-4.el4_8.7.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gnutls-0:1.0.20-4.el4_8.7.s390x"
},
"product_reference": "gnutls-0:1.0.20-4.el4_8.7.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.0.20-4.el4_8.7.src as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gnutls-0:1.0.20-4.el4_8.7.src"
},
"product_reference": "gnutls-0:1.0.20-4.el4_8.7.src",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.0.20-4.el4_8.7.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gnutls-0:1.0.20-4.el4_8.7.x86_64"
},
"product_reference": "gnutls-0:1.0.20-4.el4_8.7.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386"
},
"product_reference": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64"
},
"product_reference": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc"
},
"product_reference": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64"
},
"product_reference": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390"
},
"product_reference": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x"
},
"product_reference": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64"
},
"product_reference": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.0.20-4.el4_8.7.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gnutls-devel-0:1.0.20-4.el4_8.7.i386"
},
"product_reference": "gnutls-devel-0:1.0.20-4.el4_8.7.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.0.20-4.el4_8.7.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gnutls-devel-0:1.0.20-4.el4_8.7.ia64"
},
"product_reference": "gnutls-devel-0:1.0.20-4.el4_8.7.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.0.20-4.el4_8.7.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gnutls-devel-0:1.0.20-4.el4_8.7.ppc"
},
"product_reference": "gnutls-devel-0:1.0.20-4.el4_8.7.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.0.20-4.el4_8.7.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gnutls-devel-0:1.0.20-4.el4_8.7.s390"
},
"product_reference": "gnutls-devel-0:1.0.20-4.el4_8.7.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.0.20-4.el4_8.7.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gnutls-devel-0:1.0.20-4.el4_8.7.s390x"
},
"product_reference": "gnutls-devel-0:1.0.20-4.el4_8.7.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.0.20-4.el4_8.7.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gnutls-devel-0:1.0.20-4.el4_8.7.x86_64"
},
"product_reference": "gnutls-devel-0:1.0.20-4.el4_8.7.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.0.20-4.el4_8.7.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gnutls-0:1.0.20-4.el4_8.7.i386"
},
"product_reference": "gnutls-0:1.0.20-4.el4_8.7.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.0.20-4.el4_8.7.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gnutls-0:1.0.20-4.el4_8.7.ia64"
},
"product_reference": "gnutls-0:1.0.20-4.el4_8.7.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.0.20-4.el4_8.7.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gnutls-0:1.0.20-4.el4_8.7.ppc"
},
"product_reference": "gnutls-0:1.0.20-4.el4_8.7.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.0.20-4.el4_8.7.ppc64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gnutls-0:1.0.20-4.el4_8.7.ppc64"
},
"product_reference": "gnutls-0:1.0.20-4.el4_8.7.ppc64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.0.20-4.el4_8.7.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gnutls-0:1.0.20-4.el4_8.7.s390"
},
"product_reference": "gnutls-0:1.0.20-4.el4_8.7.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.0.20-4.el4_8.7.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gnutls-0:1.0.20-4.el4_8.7.s390x"
},
"product_reference": "gnutls-0:1.0.20-4.el4_8.7.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.0.20-4.el4_8.7.src as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gnutls-0:1.0.20-4.el4_8.7.src"
},
"product_reference": "gnutls-0:1.0.20-4.el4_8.7.src",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.0.20-4.el4_8.7.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gnutls-0:1.0.20-4.el4_8.7.x86_64"
},
"product_reference": "gnutls-0:1.0.20-4.el4_8.7.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386"
},
"product_reference": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64"
},
"product_reference": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc"
},
"product_reference": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64"
},
"product_reference": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390"
},
"product_reference": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x"
},
"product_reference": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64"
},
"product_reference": "gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.0.20-4.el4_8.7.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gnutls-devel-0:1.0.20-4.el4_8.7.i386"
},
"product_reference": "gnutls-devel-0:1.0.20-4.el4_8.7.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.0.20-4.el4_8.7.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gnutls-devel-0:1.0.20-4.el4_8.7.ia64"
},
"product_reference": "gnutls-devel-0:1.0.20-4.el4_8.7.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.0.20-4.el4_8.7.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gnutls-devel-0:1.0.20-4.el4_8.7.ppc"
},
"product_reference": "gnutls-devel-0:1.0.20-4.el4_8.7.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.0.20-4.el4_8.7.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gnutls-devel-0:1.0.20-4.el4_8.7.s390"
},
"product_reference": "gnutls-devel-0:1.0.20-4.el4_8.7.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.0.20-4.el4_8.7.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gnutls-devel-0:1.0.20-4.el4_8.7.s390x"
},
"product_reference": "gnutls-devel-0:1.0.20-4.el4_8.7.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.0.20-4.el4_8.7.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gnutls-devel-0:1.0.20-4.el4_8.7.x86_64"
},
"product_reference": "gnutls-devel-0:1.0.20-4.el4_8.7.x86_64",
"relates_to_product_reference": "4WS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2009-3555",
"cwe": {
"id": "CWE-300",
"name": "Channel Accessible by Non-Endpoint"
},
"discovery_date": "2009-10-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "533125"
}
],
"notes": [
{
"category": "description",
"text": "The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a \"plaintext injection\" attack, aka the \"Project Mogul\" issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "TLS: MITM attacks via session renegotiation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Additional information can be found in the Red Hat Knowledgebase article:\nhttps://access.redhat.com/articles/20490",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS:gnutls-0:1.0.20-4.el4_8.7.i386",
"4AS:gnutls-0:1.0.20-4.el4_8.7.ia64",
"4AS:gnutls-0:1.0.20-4.el4_8.7.ppc",
"4AS:gnutls-0:1.0.20-4.el4_8.7.ppc64",
"4AS:gnutls-0:1.0.20-4.el4_8.7.s390",
"4AS:gnutls-0:1.0.20-4.el4_8.7.s390x",
"4AS:gnutls-0:1.0.20-4.el4_8.7.src",
"4AS:gnutls-0:1.0.20-4.el4_8.7.x86_64",
"4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386",
"4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64",
"4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc",
"4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64",
"4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390",
"4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x",
"4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64",
"4AS:gnutls-devel-0:1.0.20-4.el4_8.7.i386",
"4AS:gnutls-devel-0:1.0.20-4.el4_8.7.ia64",
"4AS:gnutls-devel-0:1.0.20-4.el4_8.7.ppc",
"4AS:gnutls-devel-0:1.0.20-4.el4_8.7.s390",
"4AS:gnutls-devel-0:1.0.20-4.el4_8.7.s390x",
"4AS:gnutls-devel-0:1.0.20-4.el4_8.7.x86_64",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.i386",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.ia64",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.ppc",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.ppc64",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.s390",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.s390x",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.src",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.x86_64",
"4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386",
"4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64",
"4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc",
"4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64",
"4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390",
"4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x",
"4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64",
"4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.i386",
"4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.ia64",
"4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.ppc",
"4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.s390",
"4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.s390x",
"4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.x86_64",
"4ES:gnutls-0:1.0.20-4.el4_8.7.i386",
"4ES:gnutls-0:1.0.20-4.el4_8.7.ia64",
"4ES:gnutls-0:1.0.20-4.el4_8.7.ppc",
"4ES:gnutls-0:1.0.20-4.el4_8.7.ppc64",
"4ES:gnutls-0:1.0.20-4.el4_8.7.s390",
"4ES:gnutls-0:1.0.20-4.el4_8.7.s390x",
"4ES:gnutls-0:1.0.20-4.el4_8.7.src",
"4ES:gnutls-0:1.0.20-4.el4_8.7.x86_64",
"4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386",
"4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64",
"4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc",
"4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64",
"4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390",
"4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x",
"4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64",
"4ES:gnutls-devel-0:1.0.20-4.el4_8.7.i386",
"4ES:gnutls-devel-0:1.0.20-4.el4_8.7.ia64",
"4ES:gnutls-devel-0:1.0.20-4.el4_8.7.ppc",
"4ES:gnutls-devel-0:1.0.20-4.el4_8.7.s390",
"4ES:gnutls-devel-0:1.0.20-4.el4_8.7.s390x",
"4ES:gnutls-devel-0:1.0.20-4.el4_8.7.x86_64",
"4WS:gnutls-0:1.0.20-4.el4_8.7.i386",
"4WS:gnutls-0:1.0.20-4.el4_8.7.ia64",
"4WS:gnutls-0:1.0.20-4.el4_8.7.ppc",
"4WS:gnutls-0:1.0.20-4.el4_8.7.ppc64",
"4WS:gnutls-0:1.0.20-4.el4_8.7.s390",
"4WS:gnutls-0:1.0.20-4.el4_8.7.s390x",
"4WS:gnutls-0:1.0.20-4.el4_8.7.src",
"4WS:gnutls-0:1.0.20-4.el4_8.7.x86_64",
"4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386",
"4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64",
"4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc",
"4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64",
"4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390",
"4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x",
"4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64",
"4WS:gnutls-devel-0:1.0.20-4.el4_8.7.i386",
"4WS:gnutls-devel-0:1.0.20-4.el4_8.7.ia64",
"4WS:gnutls-devel-0:1.0.20-4.el4_8.7.ppc",
"4WS:gnutls-devel-0:1.0.20-4.el4_8.7.s390",
"4WS:gnutls-devel-0:1.0.20-4.el4_8.7.s390x",
"4WS:gnutls-devel-0:1.0.20-4.el4_8.7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-3555"
},
{
"category": "external",
"summary": "RHBZ#533125",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=533125"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-3555",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3555"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3555",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3555"
}
],
"release_date": "2009-11-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-03-25T10:31:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS:gnutls-0:1.0.20-4.el4_8.7.i386",
"4AS:gnutls-0:1.0.20-4.el4_8.7.ia64",
"4AS:gnutls-0:1.0.20-4.el4_8.7.ppc",
"4AS:gnutls-0:1.0.20-4.el4_8.7.ppc64",
"4AS:gnutls-0:1.0.20-4.el4_8.7.s390",
"4AS:gnutls-0:1.0.20-4.el4_8.7.s390x",
"4AS:gnutls-0:1.0.20-4.el4_8.7.src",
"4AS:gnutls-0:1.0.20-4.el4_8.7.x86_64",
"4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386",
"4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64",
"4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc",
"4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64",
"4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390",
"4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x",
"4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64",
"4AS:gnutls-devel-0:1.0.20-4.el4_8.7.i386",
"4AS:gnutls-devel-0:1.0.20-4.el4_8.7.ia64",
"4AS:gnutls-devel-0:1.0.20-4.el4_8.7.ppc",
"4AS:gnutls-devel-0:1.0.20-4.el4_8.7.s390",
"4AS:gnutls-devel-0:1.0.20-4.el4_8.7.s390x",
"4AS:gnutls-devel-0:1.0.20-4.el4_8.7.x86_64",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.i386",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.ia64",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.ppc",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.ppc64",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.s390",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.s390x",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.src",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.x86_64",
"4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386",
"4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64",
"4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc",
"4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64",
"4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390",
"4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x",
"4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64",
"4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.i386",
"4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.ia64",
"4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.ppc",
"4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.s390",
"4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.s390x",
"4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.x86_64",
"4ES:gnutls-0:1.0.20-4.el4_8.7.i386",
"4ES:gnutls-0:1.0.20-4.el4_8.7.ia64",
"4ES:gnutls-0:1.0.20-4.el4_8.7.ppc",
"4ES:gnutls-0:1.0.20-4.el4_8.7.ppc64",
"4ES:gnutls-0:1.0.20-4.el4_8.7.s390",
"4ES:gnutls-0:1.0.20-4.el4_8.7.s390x",
"4ES:gnutls-0:1.0.20-4.el4_8.7.src",
"4ES:gnutls-0:1.0.20-4.el4_8.7.x86_64",
"4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386",
"4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64",
"4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc",
"4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64",
"4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390",
"4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x",
"4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64",
"4ES:gnutls-devel-0:1.0.20-4.el4_8.7.i386",
"4ES:gnutls-devel-0:1.0.20-4.el4_8.7.ia64",
"4ES:gnutls-devel-0:1.0.20-4.el4_8.7.ppc",
"4ES:gnutls-devel-0:1.0.20-4.el4_8.7.s390",
"4ES:gnutls-devel-0:1.0.20-4.el4_8.7.s390x",
"4ES:gnutls-devel-0:1.0.20-4.el4_8.7.x86_64",
"4WS:gnutls-0:1.0.20-4.el4_8.7.i386",
"4WS:gnutls-0:1.0.20-4.el4_8.7.ia64",
"4WS:gnutls-0:1.0.20-4.el4_8.7.ppc",
"4WS:gnutls-0:1.0.20-4.el4_8.7.ppc64",
"4WS:gnutls-0:1.0.20-4.el4_8.7.s390",
"4WS:gnutls-0:1.0.20-4.el4_8.7.s390x",
"4WS:gnutls-0:1.0.20-4.el4_8.7.src",
"4WS:gnutls-0:1.0.20-4.el4_8.7.x86_64",
"4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386",
"4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64",
"4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc",
"4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64",
"4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390",
"4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x",
"4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64",
"4WS:gnutls-devel-0:1.0.20-4.el4_8.7.i386",
"4WS:gnutls-devel-0:1.0.20-4.el4_8.7.ia64",
"4WS:gnutls-devel-0:1.0.20-4.el4_8.7.ppc",
"4WS:gnutls-devel-0:1.0.20-4.el4_8.7.s390",
"4WS:gnutls-devel-0:1.0.20-4.el4_8.7.s390x",
"4WS:gnutls-devel-0:1.0.20-4.el4_8.7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0167"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"4AS:gnutls-0:1.0.20-4.el4_8.7.i386",
"4AS:gnutls-0:1.0.20-4.el4_8.7.ia64",
"4AS:gnutls-0:1.0.20-4.el4_8.7.ppc",
"4AS:gnutls-0:1.0.20-4.el4_8.7.ppc64",
"4AS:gnutls-0:1.0.20-4.el4_8.7.s390",
"4AS:gnutls-0:1.0.20-4.el4_8.7.s390x",
"4AS:gnutls-0:1.0.20-4.el4_8.7.src",
"4AS:gnutls-0:1.0.20-4.el4_8.7.x86_64",
"4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386",
"4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64",
"4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc",
"4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64",
"4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390",
"4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x",
"4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64",
"4AS:gnutls-devel-0:1.0.20-4.el4_8.7.i386",
"4AS:gnutls-devel-0:1.0.20-4.el4_8.7.ia64",
"4AS:gnutls-devel-0:1.0.20-4.el4_8.7.ppc",
"4AS:gnutls-devel-0:1.0.20-4.el4_8.7.s390",
"4AS:gnutls-devel-0:1.0.20-4.el4_8.7.s390x",
"4AS:gnutls-devel-0:1.0.20-4.el4_8.7.x86_64",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.i386",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.ia64",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.ppc",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.ppc64",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.s390",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.s390x",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.src",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.x86_64",
"4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386",
"4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64",
"4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc",
"4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64",
"4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390",
"4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x",
"4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64",
"4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.i386",
"4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.ia64",
"4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.ppc",
"4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.s390",
"4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.s390x",
"4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.x86_64",
"4ES:gnutls-0:1.0.20-4.el4_8.7.i386",
"4ES:gnutls-0:1.0.20-4.el4_8.7.ia64",
"4ES:gnutls-0:1.0.20-4.el4_8.7.ppc",
"4ES:gnutls-0:1.0.20-4.el4_8.7.ppc64",
"4ES:gnutls-0:1.0.20-4.el4_8.7.s390",
"4ES:gnutls-0:1.0.20-4.el4_8.7.s390x",
"4ES:gnutls-0:1.0.20-4.el4_8.7.src",
"4ES:gnutls-0:1.0.20-4.el4_8.7.x86_64",
"4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386",
"4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64",
"4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc",
"4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64",
"4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390",
"4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x",
"4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64",
"4ES:gnutls-devel-0:1.0.20-4.el4_8.7.i386",
"4ES:gnutls-devel-0:1.0.20-4.el4_8.7.ia64",
"4ES:gnutls-devel-0:1.0.20-4.el4_8.7.ppc",
"4ES:gnutls-devel-0:1.0.20-4.el4_8.7.s390",
"4ES:gnutls-devel-0:1.0.20-4.el4_8.7.s390x",
"4ES:gnutls-devel-0:1.0.20-4.el4_8.7.x86_64",
"4WS:gnutls-0:1.0.20-4.el4_8.7.i386",
"4WS:gnutls-0:1.0.20-4.el4_8.7.ia64",
"4WS:gnutls-0:1.0.20-4.el4_8.7.ppc",
"4WS:gnutls-0:1.0.20-4.el4_8.7.ppc64",
"4WS:gnutls-0:1.0.20-4.el4_8.7.s390",
"4WS:gnutls-0:1.0.20-4.el4_8.7.s390x",
"4WS:gnutls-0:1.0.20-4.el4_8.7.src",
"4WS:gnutls-0:1.0.20-4.el4_8.7.x86_64",
"4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386",
"4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64",
"4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc",
"4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64",
"4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390",
"4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x",
"4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64",
"4WS:gnutls-devel-0:1.0.20-4.el4_8.7.i386",
"4WS:gnutls-devel-0:1.0.20-4.el4_8.7.ia64",
"4WS:gnutls-devel-0:1.0.20-4.el4_8.7.ppc",
"4WS:gnutls-devel-0:1.0.20-4.el4_8.7.s390",
"4WS:gnutls-devel-0:1.0.20-4.el4_8.7.s390x",
"4WS:gnutls-devel-0:1.0.20-4.el4_8.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "TLS: MITM attacks via session renegotiation"
},
{
"cve": "CVE-2010-0731",
"discovery_date": "2010-03-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "573028"
}
],
"notes": [
{
"category": "description",
"text": "The gnutls_x509_crt_get_serial function in the GnuTLS library before 1.2.1, when running on big-endian, 64-bit platforms, calls the asn1_read_value with a pointer to the wrong data type and the wrong length value, which allows remote attackers to bypass the certificate revocation list (CRL) check and cause a stack-based buffer overflow via a crafted X.509 certificate, related to extraction of a serial number.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gnutls: gnutls_x509_crt_get_serial incorrect serial decoding from ASN1 (BE64) [GNUTLS-SA-2010-1]",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS:gnutls-0:1.0.20-4.el4_8.7.i386",
"4AS:gnutls-0:1.0.20-4.el4_8.7.ia64",
"4AS:gnutls-0:1.0.20-4.el4_8.7.ppc",
"4AS:gnutls-0:1.0.20-4.el4_8.7.ppc64",
"4AS:gnutls-0:1.0.20-4.el4_8.7.s390",
"4AS:gnutls-0:1.0.20-4.el4_8.7.s390x",
"4AS:gnutls-0:1.0.20-4.el4_8.7.src",
"4AS:gnutls-0:1.0.20-4.el4_8.7.x86_64",
"4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386",
"4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64",
"4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc",
"4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64",
"4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390",
"4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x",
"4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64",
"4AS:gnutls-devel-0:1.0.20-4.el4_8.7.i386",
"4AS:gnutls-devel-0:1.0.20-4.el4_8.7.ia64",
"4AS:gnutls-devel-0:1.0.20-4.el4_8.7.ppc",
"4AS:gnutls-devel-0:1.0.20-4.el4_8.7.s390",
"4AS:gnutls-devel-0:1.0.20-4.el4_8.7.s390x",
"4AS:gnutls-devel-0:1.0.20-4.el4_8.7.x86_64",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.i386",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.ia64",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.ppc",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.ppc64",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.s390",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.s390x",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.src",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.x86_64",
"4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386",
"4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64",
"4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc",
"4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64",
"4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390",
"4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x",
"4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64",
"4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.i386",
"4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.ia64",
"4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.ppc",
"4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.s390",
"4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.s390x",
"4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.x86_64",
"4ES:gnutls-0:1.0.20-4.el4_8.7.i386",
"4ES:gnutls-0:1.0.20-4.el4_8.7.ia64",
"4ES:gnutls-0:1.0.20-4.el4_8.7.ppc",
"4ES:gnutls-0:1.0.20-4.el4_8.7.ppc64",
"4ES:gnutls-0:1.0.20-4.el4_8.7.s390",
"4ES:gnutls-0:1.0.20-4.el4_8.7.s390x",
"4ES:gnutls-0:1.0.20-4.el4_8.7.src",
"4ES:gnutls-0:1.0.20-4.el4_8.7.x86_64",
"4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386",
"4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64",
"4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc",
"4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64",
"4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390",
"4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x",
"4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64",
"4ES:gnutls-devel-0:1.0.20-4.el4_8.7.i386",
"4ES:gnutls-devel-0:1.0.20-4.el4_8.7.ia64",
"4ES:gnutls-devel-0:1.0.20-4.el4_8.7.ppc",
"4ES:gnutls-devel-0:1.0.20-4.el4_8.7.s390",
"4ES:gnutls-devel-0:1.0.20-4.el4_8.7.s390x",
"4ES:gnutls-devel-0:1.0.20-4.el4_8.7.x86_64",
"4WS:gnutls-0:1.0.20-4.el4_8.7.i386",
"4WS:gnutls-0:1.0.20-4.el4_8.7.ia64",
"4WS:gnutls-0:1.0.20-4.el4_8.7.ppc",
"4WS:gnutls-0:1.0.20-4.el4_8.7.ppc64",
"4WS:gnutls-0:1.0.20-4.el4_8.7.s390",
"4WS:gnutls-0:1.0.20-4.el4_8.7.s390x",
"4WS:gnutls-0:1.0.20-4.el4_8.7.src",
"4WS:gnutls-0:1.0.20-4.el4_8.7.x86_64",
"4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386",
"4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64",
"4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc",
"4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64",
"4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390",
"4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x",
"4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64",
"4WS:gnutls-devel-0:1.0.20-4.el4_8.7.i386",
"4WS:gnutls-devel-0:1.0.20-4.el4_8.7.ia64",
"4WS:gnutls-devel-0:1.0.20-4.el4_8.7.ppc",
"4WS:gnutls-devel-0:1.0.20-4.el4_8.7.s390",
"4WS:gnutls-devel-0:1.0.20-4.el4_8.7.s390x",
"4WS:gnutls-devel-0:1.0.20-4.el4_8.7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0731"
},
{
"category": "external",
"summary": "RHBZ#573028",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=573028"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0731",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0731"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0731",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0731"
}
],
"release_date": "2010-03-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-03-25T10:31:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS:gnutls-0:1.0.20-4.el4_8.7.i386",
"4AS:gnutls-0:1.0.20-4.el4_8.7.ia64",
"4AS:gnutls-0:1.0.20-4.el4_8.7.ppc",
"4AS:gnutls-0:1.0.20-4.el4_8.7.ppc64",
"4AS:gnutls-0:1.0.20-4.el4_8.7.s390",
"4AS:gnutls-0:1.0.20-4.el4_8.7.s390x",
"4AS:gnutls-0:1.0.20-4.el4_8.7.src",
"4AS:gnutls-0:1.0.20-4.el4_8.7.x86_64",
"4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386",
"4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64",
"4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc",
"4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64",
"4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390",
"4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x",
"4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64",
"4AS:gnutls-devel-0:1.0.20-4.el4_8.7.i386",
"4AS:gnutls-devel-0:1.0.20-4.el4_8.7.ia64",
"4AS:gnutls-devel-0:1.0.20-4.el4_8.7.ppc",
"4AS:gnutls-devel-0:1.0.20-4.el4_8.7.s390",
"4AS:gnutls-devel-0:1.0.20-4.el4_8.7.s390x",
"4AS:gnutls-devel-0:1.0.20-4.el4_8.7.x86_64",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.i386",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.ia64",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.ppc",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.ppc64",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.s390",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.s390x",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.src",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.x86_64",
"4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386",
"4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64",
"4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc",
"4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64",
"4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390",
"4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x",
"4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64",
"4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.i386",
"4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.ia64",
"4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.ppc",
"4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.s390",
"4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.s390x",
"4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.x86_64",
"4ES:gnutls-0:1.0.20-4.el4_8.7.i386",
"4ES:gnutls-0:1.0.20-4.el4_8.7.ia64",
"4ES:gnutls-0:1.0.20-4.el4_8.7.ppc",
"4ES:gnutls-0:1.0.20-4.el4_8.7.ppc64",
"4ES:gnutls-0:1.0.20-4.el4_8.7.s390",
"4ES:gnutls-0:1.0.20-4.el4_8.7.s390x",
"4ES:gnutls-0:1.0.20-4.el4_8.7.src",
"4ES:gnutls-0:1.0.20-4.el4_8.7.x86_64",
"4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386",
"4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64",
"4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc",
"4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64",
"4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390",
"4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x",
"4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64",
"4ES:gnutls-devel-0:1.0.20-4.el4_8.7.i386",
"4ES:gnutls-devel-0:1.0.20-4.el4_8.7.ia64",
"4ES:gnutls-devel-0:1.0.20-4.el4_8.7.ppc",
"4ES:gnutls-devel-0:1.0.20-4.el4_8.7.s390",
"4ES:gnutls-devel-0:1.0.20-4.el4_8.7.s390x",
"4ES:gnutls-devel-0:1.0.20-4.el4_8.7.x86_64",
"4WS:gnutls-0:1.0.20-4.el4_8.7.i386",
"4WS:gnutls-0:1.0.20-4.el4_8.7.ia64",
"4WS:gnutls-0:1.0.20-4.el4_8.7.ppc",
"4WS:gnutls-0:1.0.20-4.el4_8.7.ppc64",
"4WS:gnutls-0:1.0.20-4.el4_8.7.s390",
"4WS:gnutls-0:1.0.20-4.el4_8.7.s390x",
"4WS:gnutls-0:1.0.20-4.el4_8.7.src",
"4WS:gnutls-0:1.0.20-4.el4_8.7.x86_64",
"4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386",
"4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64",
"4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc",
"4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64",
"4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390",
"4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x",
"4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64",
"4WS:gnutls-devel-0:1.0.20-4.el4_8.7.i386",
"4WS:gnutls-devel-0:1.0.20-4.el4_8.7.ia64",
"4WS:gnutls-devel-0:1.0.20-4.el4_8.7.ppc",
"4WS:gnutls-devel-0:1.0.20-4.el4_8.7.s390",
"4WS:gnutls-devel-0:1.0.20-4.el4_8.7.s390x",
"4WS:gnutls-devel-0:1.0.20-4.el4_8.7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0167"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"4AS:gnutls-0:1.0.20-4.el4_8.7.i386",
"4AS:gnutls-0:1.0.20-4.el4_8.7.ia64",
"4AS:gnutls-0:1.0.20-4.el4_8.7.ppc",
"4AS:gnutls-0:1.0.20-4.el4_8.7.ppc64",
"4AS:gnutls-0:1.0.20-4.el4_8.7.s390",
"4AS:gnutls-0:1.0.20-4.el4_8.7.s390x",
"4AS:gnutls-0:1.0.20-4.el4_8.7.src",
"4AS:gnutls-0:1.0.20-4.el4_8.7.x86_64",
"4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386",
"4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64",
"4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc",
"4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64",
"4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390",
"4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x",
"4AS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64",
"4AS:gnutls-devel-0:1.0.20-4.el4_8.7.i386",
"4AS:gnutls-devel-0:1.0.20-4.el4_8.7.ia64",
"4AS:gnutls-devel-0:1.0.20-4.el4_8.7.ppc",
"4AS:gnutls-devel-0:1.0.20-4.el4_8.7.s390",
"4AS:gnutls-devel-0:1.0.20-4.el4_8.7.s390x",
"4AS:gnutls-devel-0:1.0.20-4.el4_8.7.x86_64",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.i386",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.ia64",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.ppc",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.ppc64",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.s390",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.s390x",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.src",
"4Desktop:gnutls-0:1.0.20-4.el4_8.7.x86_64",
"4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386",
"4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64",
"4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc",
"4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64",
"4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390",
"4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x",
"4Desktop:gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64",
"4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.i386",
"4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.ia64",
"4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.ppc",
"4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.s390",
"4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.s390x",
"4Desktop:gnutls-devel-0:1.0.20-4.el4_8.7.x86_64",
"4ES:gnutls-0:1.0.20-4.el4_8.7.i386",
"4ES:gnutls-0:1.0.20-4.el4_8.7.ia64",
"4ES:gnutls-0:1.0.20-4.el4_8.7.ppc",
"4ES:gnutls-0:1.0.20-4.el4_8.7.ppc64",
"4ES:gnutls-0:1.0.20-4.el4_8.7.s390",
"4ES:gnutls-0:1.0.20-4.el4_8.7.s390x",
"4ES:gnutls-0:1.0.20-4.el4_8.7.src",
"4ES:gnutls-0:1.0.20-4.el4_8.7.x86_64",
"4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386",
"4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64",
"4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc",
"4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64",
"4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390",
"4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x",
"4ES:gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64",
"4ES:gnutls-devel-0:1.0.20-4.el4_8.7.i386",
"4ES:gnutls-devel-0:1.0.20-4.el4_8.7.ia64",
"4ES:gnutls-devel-0:1.0.20-4.el4_8.7.ppc",
"4ES:gnutls-devel-0:1.0.20-4.el4_8.7.s390",
"4ES:gnutls-devel-0:1.0.20-4.el4_8.7.s390x",
"4ES:gnutls-devel-0:1.0.20-4.el4_8.7.x86_64",
"4WS:gnutls-0:1.0.20-4.el4_8.7.i386",
"4WS:gnutls-0:1.0.20-4.el4_8.7.ia64",
"4WS:gnutls-0:1.0.20-4.el4_8.7.ppc",
"4WS:gnutls-0:1.0.20-4.el4_8.7.ppc64",
"4WS:gnutls-0:1.0.20-4.el4_8.7.s390",
"4WS:gnutls-0:1.0.20-4.el4_8.7.s390x",
"4WS:gnutls-0:1.0.20-4.el4_8.7.src",
"4WS:gnutls-0:1.0.20-4.el4_8.7.x86_64",
"4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.i386",
"4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ia64",
"4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc",
"4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.ppc64",
"4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390",
"4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.s390x",
"4WS:gnutls-debuginfo-0:1.0.20-4.el4_8.7.x86_64",
"4WS:gnutls-devel-0:1.0.20-4.el4_8.7.i386",
"4WS:gnutls-devel-0:1.0.20-4.el4_8.7.ia64",
"4WS:gnutls-devel-0:1.0.20-4.el4_8.7.ppc",
"4WS:gnutls-devel-0:1.0.20-4.el4_8.7.s390",
"4WS:gnutls-devel-0:1.0.20-4.el4_8.7.s390x",
"4WS:gnutls-devel-0:1.0.20-4.el4_8.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "gnutls: gnutls_x509_crt_get_serial incorrect serial decoding from ASN1 (BE64) [GNUTLS-SA-2010-1]"
}
]
}
RHSA-2010:0337
Vulnerability from csaf_redhat - Published: 2010-04-01 00:21 - Updated: 2026-05-27 17:13Summary
Red Hat Security Advisory: java-1.6.0-sun security update
Severity
Critical
Notes
Topic: Updated java-1.6.0-sun packages that correct several security issues are
now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details: The Sun 1.6.0 Java release includes the Sun Java 6 Runtime Environment and
the Sun Java 6 Software Development Kit.
This update fixes several vulnerabilities in the Sun Java 6 Runtime
Environment and the Sun Java 6 Software Development Kit. Further
information about these flaws can be found on the "Oracle Java SE and Java
for Business Critical Patch Update Advisory" page, listed in the
References section. (CVE-2009-3555, CVE-2010-0082, CVE-2010-0084,
CVE-2010-0085, CVE-2010-0087, CVE-2010-0088, CVE-2010-0089, CVE-2010-0090,
CVE-2010-0091, CVE-2010-0092, CVE-2010-0093, CVE-2010-0094, CVE-2010-0095,
CVE-2010-0837, CVE-2010-0838, CVE-2010-0839, CVE-2010-0840, CVE-2010-0841,
CVE-2010-0842, CVE-2010-0843, CVE-2010-0844, CVE-2010-0845, CVE-2010-0846,
CVE-2010-0847, CVE-2010-0848, CVE-2010-0849)
For the CVE-2009-3555 issue, this update disables renegotiation in the Java
Secure Socket Extension (JSSE) component. Unsafe renegotiation can be
re-enabled using the sun.security.ssl.allowUnsafeRenegotiation property.
Refer to the following Knowledgebase article for details:
http://kbase.redhat.com/faq/docs/DOC-20491
Users of java-1.6.0-sun should upgrade to these updated packages, which
correct these issues. All running instances of Sun Java must be restarted
for the update to take effect.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.
4.3 ()
Affected products
Fixed
72 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in the HotSpot Server component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
5.1 ()
Affected products
Fixed
72 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2010-0091.
5.0 ()
Affected products
Fixed
72 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0088.
5.1 ()
Affected products
Fixed
72 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
7.5 ()
Affected products
Fixed
72 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0085.
6.8 ()
Affected products
Fixed
72 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect availability via unknown vectors.
5.0 ()
Affected products
Fixed
72 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18 allows remote attackers to affect integrity and availability via unknown vectors.
5.8 ()
Affected products
Fixed
72 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2010-0084.
4.3 ()
Affected products
Fixed
72 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, and 5.0 Update 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
5.1 ()
Affected products
Fixed
72 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0095.
5.1 ()
Affected products
Fixed
72 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18 and 5.0 Update 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is due to missing privilege checks during deserialization of RMIConnectionImpl objects, which allows remote attackers to call system-level Java functions via the ClassLoader of a constructor that is being deserialized.
7.5 ()
Affected products
Fixed
72 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0093.
6.8 ()
Affected products
Fixed
72 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Unspecified vulnerability in the Pack200 component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
7.5 ()
Affected products
Fixed
72 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Critical
Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a stack-based buffer overflow using an untrusted size value in the readMabCurveData function in the CMM module in the JVM.
7.5 ()
Affected products
Fixed
72 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Critical
Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
7.5 ()
Affected products
Fixed
72 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to improper checks when executing privileged methods in the Java Runtime Environment (JRE), which allows attackers to execute arbitrary code via (1) an untrusted object that extends the trusted class but has not modified a certain method, or (2) "a similar trust issue with interfaces," aka "Trusted Methods Chaining Remote Code Execution Vulnerability."
7.5 ()
Affected products
Fixed
72 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Critical
Unspecified vulnerability in the ImageIO component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow in the Java Runtime Environment that allows remote attackers to execute arbitrary code via a JPEG image that contains subsample dimensions with large values, related to JPEGImageReader and "stepX".
7.5 ()
Affected products
Fixed
72 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an uncontrolled array index that allows remote attackers to execute arbitrary code via a MIDI file with a crafted MixerSequencer object, related to the GM_Song structure.
7.5 ()
Affected products
Fixed
72 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to XNewPtr and improper handling of an integer parameter when allocating heap memory in the com.sun.media.sound libraries, which allows remote attackers to execute arbitrary code.
7.5 ()
Affected products
Fixed
72 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is for improper parsing of a crafted MIDI stream when creating a MixerSequencer object, which causes a pointer to be corrupted and allows a NULL byte to be written to arbitrary memory.
7.5 ()
Affected products
Fixed
72 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Unspecified vulnerability in the HotSpot Server component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
5.1 ()
Affected products
Fixed
72 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in the ImageIO component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a heap-based buffer overflow that allows remote attackers to execute arbitrary code, related to an "invalid assignment" and inconsistent length values in a JPEG image encoder (JPEGImageEncoderImpl).
7.5 ()
Affected products
Fixed
72 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a heap-based buffer overflow that allows arbitrary code execution via a crafted image.
5.1 ()
Affected products
Fixed
72 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Critical
Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
7.5 ()
Affected products
Fixed
72 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Critical
Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a heap-based buffer overflow in a decoding routine used by the JPEGImageDecoderImpl interface, which allows code execution via a crafted JPEG image.
7.5 ()
Affected products
Fixed
72 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
References
130 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated java-1.6.0-sun packages that correct several security issues are\nnow available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.\n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The Sun 1.6.0 Java release includes the Sun Java 6 Runtime Environment and\nthe Sun Java 6 Software Development Kit.\n\nThis update fixes several vulnerabilities in the Sun Java 6 Runtime\nEnvironment and the Sun Java 6 Software Development Kit. Further\ninformation about these flaws can be found on the \"Oracle Java SE and Java\nfor Business Critical Patch Update Advisory\" page, listed in the\nReferences section. (CVE-2009-3555, CVE-2010-0082, CVE-2010-0084,\nCVE-2010-0085, CVE-2010-0087, CVE-2010-0088, CVE-2010-0089, CVE-2010-0090,\nCVE-2010-0091, CVE-2010-0092, CVE-2010-0093, CVE-2010-0094, CVE-2010-0095,\nCVE-2010-0837, CVE-2010-0838, CVE-2010-0839, CVE-2010-0840, CVE-2010-0841,\nCVE-2010-0842, CVE-2010-0843, CVE-2010-0844, CVE-2010-0845, CVE-2010-0846,\nCVE-2010-0847, CVE-2010-0848, CVE-2010-0849)\n\nFor the CVE-2009-3555 issue, this update disables renegotiation in the Java\nSecure Socket Extension (JSSE) component. Unsafe renegotiation can be\nre-enabled using the sun.security.ssl.allowUnsafeRenegotiation property.\nRefer to the following Knowledgebase article for details:\nhttp://kbase.redhat.com/faq/docs/DOC-20491\n\nUsers of java-1.6.0-sun should upgrade to these updated packages, which\ncorrect these issues. All running instances of Sun Java must be restarted\nfor the update to take effect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2010:0337",
"url": "https://access.redhat.com/errata/RHSA-2010:0337"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "http://kbase.redhat.com/faq/docs/DOC-20491",
"url": "http://kbase.redhat.com/faq/docs/DOC-20491"
},
{
"category": "external",
"summary": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/javacpumar2010.html",
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/javacpumar2010.html"
},
{
"category": "external",
"summary": "533125",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=533125"
},
{
"category": "external",
"summary": "575736",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575736"
},
{
"category": "external",
"summary": "575740",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575740"
},
{
"category": "external",
"summary": "575747",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575747"
},
{
"category": "external",
"summary": "575755",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575755"
},
{
"category": "external",
"summary": "575756",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575756"
},
{
"category": "external",
"summary": "575760",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575760"
},
{
"category": "external",
"summary": "575764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575764"
},
{
"category": "external",
"summary": "575769",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575769"
},
{
"category": "external",
"summary": "575772",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575772"
},
{
"category": "external",
"summary": "575775",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575775"
},
{
"category": "external",
"summary": "575808",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575808"
},
{
"category": "external",
"summary": "575818",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575818"
},
{
"category": "external",
"summary": "575846",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575846"
},
{
"category": "external",
"summary": "575854",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575854"
},
{
"category": "external",
"summary": "575865",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575865"
},
{
"category": "external",
"summary": "575871",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575871"
},
{
"category": "external",
"summary": "578430",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=578430"
},
{
"category": "external",
"summary": "578432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=578432"
},
{
"category": "external",
"summary": "578433",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=578433"
},
{
"category": "external",
"summary": "578436",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=578436"
},
{
"category": "external",
"summary": "578437",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=578437"
},
{
"category": "external",
"summary": "578440",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=578440"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2010/rhsa-2010_0337.json"
}
],
"title": "Red Hat Security Advisory: java-1.6.0-sun security update",
"tracking": {
"current_release_date": "2026-05-27T17:13:57+00:00",
"generator": {
"date": "2026-05-27T17:13:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2010:0337",
"initial_release_date": "2010-04-01T00:21:00+00:00",
"revision_history": [
{
"date": "2010-04-01T00:21:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2010-03-31T20:21:33+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-27T17:13:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Desktop version 4 Extras",
"product": {
"name": "Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux Supplementary"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"product": {
"name": "java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"product_id": "java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.19-1jpp.1.el4?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"product": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"product_id": "java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-jdbc@1.6.0.19-1jpp.1.el4?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"product": {
"name": "java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"product_id": "java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.19-1jpp.1.el4?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"product": {
"name": "java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"product_id": "java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-demo@1.6.0.19-1jpp.1.el4?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"product": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"product_id": "java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-plugin@1.6.0.19-1jpp.1.el4?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"product": {
"name": "java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"product_id": "java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-src@1.6.0.19-1jpp.1.el4?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"product": {
"name": "java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"product_id": "java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-src@1.6.0.19-1jpp.1.el5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"product": {
"name": "java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"product_id": "java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.19-1jpp.1.el5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"product": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"product_id": "java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-jdbc@1.6.0.19-1jpp.1.el5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"product": {
"name": "java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"product_id": "java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.19-1jpp.1.el5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"product": {
"name": "java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"product_id": "java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-demo@1.6.0.19-1jpp.1.el5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"product": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"product_id": "java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-plugin@1.6.0.19-1jpp.1.el5?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"product": {
"name": "java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"product_id": "java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.19-1jpp.1.el4?arch=i586\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"product": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"product_id": "java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-jdbc@1.6.0.19-1jpp.1.el4?arch=i586\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"product": {
"name": "java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"product_id": "java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.19-1jpp.1.el4?arch=i586\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"product": {
"name": "java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"product_id": "java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-demo@1.6.0.19-1jpp.1.el4?arch=i586\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"product": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"product_id": "java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-plugin@1.6.0.19-1jpp.1.el4?arch=i586\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"product": {
"name": "java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"product_id": "java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-src@1.6.0.19-1jpp.1.el4?arch=i586\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"product": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"product_id": "java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-plugin@1.6.0.19-1jpp.1.el5?arch=i586\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"product": {
"name": "java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"product_id": "java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-src@1.6.0.19-1jpp.1.el5?arch=i586\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"product": {
"name": "java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"product_id": "java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.19-1jpp.1.el5?arch=i586\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"product": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"product_id": "java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-jdbc@1.6.0.19-1jpp.1.el5?arch=i586\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"product": {
"name": "java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"product_id": "java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.19-1jpp.1.el5?arch=i586\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"product": {
"name": "java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"product_id": "java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-demo@1.6.0.19-1jpp.1.el5?arch=i586\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "i586"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2009-3555",
"cwe": {
"id": "CWE-300",
"name": "Channel Accessible by Non-Endpoint"
},
"discovery_date": "2009-10-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "533125"
}
],
"notes": [
{
"category": "description",
"text": "The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a \"plaintext injection\" attack, aka the \"Project Mogul\" issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "TLS: MITM attacks via session renegotiation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Additional information can be found in the Red Hat Knowledgebase article:\nhttps://access.redhat.com/articles/20490",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-3555"
},
{
"category": "external",
"summary": "RHBZ#533125",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=533125"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-3555",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3555"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3555",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3555"
}
],
"release_date": "2009-11-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T00:21:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0337"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "TLS: MITM attacks via session renegotiation"
},
{
"cve": "CVE-2010-0082",
"discovery_date": "2010-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575736"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the HotSpot Server component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK Loader-constraint table allows arrays instead of only the base-classes (6626217)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0082"
},
{
"category": "external",
"summary": "RHBZ#575736",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575736"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0082",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0082"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0082",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0082"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T00:21:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0337"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK Loader-constraint table allows arrays instead of only the base-classes (6626217)"
},
{
"cve": "CVE-2010-0084",
"discovery_date": "2010-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575740"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2010-0091.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK Policy/PolicyFile leak dynamic ProtectionDomains. (6633872)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0084"
},
{
"category": "external",
"summary": "RHBZ#575740",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575740"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0084",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0084"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0084",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0084"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T00:21:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0337"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK Policy/PolicyFile leak dynamic ProtectionDomains. (6633872)"
},
{
"cve": "CVE-2010-0085",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2010-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575747"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0088.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK File TOCTOU deserialization vulnerability (6736390)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0085"
},
{
"category": "external",
"summary": "RHBZ#575747",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575747"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0085",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0085"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0085",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0085"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T00:21:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0337"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK File TOCTOU deserialization vulnerability (6736390)"
},
{
"cve": "CVE-2010-0087",
"discovery_date": "2010-03-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "578433"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK unspecified vulnerability in JWS/Plugin component",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0087"
},
{
"category": "external",
"summary": "RHBZ#578433",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=578433"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0087",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0087"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0087",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0087"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T00:21:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0337"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "JDK unspecified vulnerability in JWS/Plugin component"
},
{
"cve": "CVE-2010-0088",
"discovery_date": "2010-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575755"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0085.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK Inflater/Deflater clone issues (6745393)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0088"
},
{
"category": "external",
"summary": "RHBZ#575755",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575755"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0088",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0088"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0088",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0088"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T00:21:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0337"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK Inflater/Deflater clone issues (6745393)"
},
{
"cve": "CVE-2010-0089",
"discovery_date": "2010-03-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "578440"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect availability via unknown vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK unspecified vulnerability in JavaWS/Plugin component",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0089"
},
{
"category": "external",
"summary": "RHBZ#578440",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=578440"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0089",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0089"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0089",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0089"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T00:21:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0337"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK unspecified vulnerability in JavaWS/Plugin component"
},
{
"cve": "CVE-2010-0090",
"discovery_date": "2010-03-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "578437"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18 allows remote attackers to affect integrity and availability via unknown vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK unspecified vulnerability in JavaWS/Plugin component",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0090"
},
{
"category": "external",
"summary": "RHBZ#578437",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=578437"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0090",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0090"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0090",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0090"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T00:21:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0337"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "JDK unspecified vulnerability in JavaWS/Plugin component"
},
{
"cve": "CVE-2010-0091",
"discovery_date": "2008-07-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575756"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2010-0084.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK Unsigned applet can retrieve the dragged information before drop action occurs(6887703)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0091"
},
{
"category": "external",
"summary": "RHBZ#575756",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575756"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0091",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0091"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0091",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0091"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T00:21:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0337"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK Unsigned applet can retrieve the dragged information before drop action occurs(6887703)"
},
{
"cve": "CVE-2010-0092",
"discovery_date": "2010-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575760"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, and 5.0 Update 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK AtomicReferenceArray causes SIGSEGV -\u003e SEGV_MAPERR error (6888149)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0092"
},
{
"category": "external",
"summary": "RHBZ#575760",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575760"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0092",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0092"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0092",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0092"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T00:21:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0337"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK AtomicReferenceArray causes SIGSEGV -\u003e SEGV_MAPERR error (6888149)"
},
{
"cve": "CVE-2010-0093",
"discovery_date": "2010-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575764"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0095.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK System.arraycopy unable to reference elements beyond Integer.MAX_VALUE bytes (6892265)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0093"
},
{
"category": "external",
"summary": "RHBZ#575764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575764"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0093",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0093"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0093",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0093"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T00:21:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0337"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK System.arraycopy unable to reference elements beyond Integer.MAX_VALUE bytes (6892265)"
},
{
"cve": "CVE-2010-0094",
"discovery_date": "2010-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575769"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18 and 5.0 Update 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is due to missing privilege checks during deserialization of RMIConnectionImpl objects, which allows remote attackers to call system-level Java functions via the ClassLoader of a constructor that is being deserialized.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK Deserialization of RMIConnectionImpl objects should enforce stricter checks (6893947)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0094"
},
{
"category": "external",
"summary": "RHBZ#575769",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575769"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0094",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0094"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0094",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0094"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T00:21:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0337"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK Deserialization of RMIConnectionImpl objects should enforce stricter checks (6893947)"
},
{
"cve": "CVE-2010-0095",
"discovery_date": "2010-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575772"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0093.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK Subclasses of InetAddress may incorrectly interpret network addresses (6893954)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0095"
},
{
"category": "external",
"summary": "RHBZ#575772",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575772"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0095",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0095"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0095",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0095"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T00:21:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0337"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK Subclasses of InetAddress may incorrectly interpret network addresses (6893954)"
},
{
"cve": "CVE-2010-0837",
"discovery_date": "2010-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575818"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Pack200 component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK JAR \"unpack200\" must verify input parameters (6902299)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0837"
},
{
"category": "external",
"summary": "RHBZ#575818",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575818"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0837",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0837"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0837",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0837"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T00:21:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0337"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK JAR \"unpack200\" must verify input parameters (6902299)"
},
{
"cve": "CVE-2010-0838",
"discovery_date": "2010-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575808"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a stack-based buffer overflow using an untrusted size value in the readMabCurveData function in the CMM module in the JVM.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK CMM readMabCurveData Buffer Overflow Vulnerability (6899653)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0838"
},
{
"category": "external",
"summary": "RHBZ#575808",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575808"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0838",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0838"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0838",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0838"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T00:21:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0337"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK CMM readMabCurveData Buffer Overflow Vulnerability (6899653)"
},
{
"cve": "CVE-2010-0839",
"discovery_date": "2010-03-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "578436"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK multiple unspecified vulnerabilities",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0839"
},
{
"category": "external",
"summary": "RHBZ#578436",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=578436"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0839",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0839"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0839",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0839"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T00:21:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0337"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "JDK multiple unspecified vulnerabilities"
},
{
"cve": "CVE-2010-0840",
"discovery_date": "2010-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575846"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to improper checks when executing privileged methods in the Java Runtime Environment (JRE), which allows attackers to execute arbitrary code via (1) an untrusted object that extends the trusted class but has not modified a certain method, or (2) \"a similar trust issue with interfaces,\" aka \"Trusted Methods Chaining Remote Code Execution Vulnerability.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK Applet Trusted Methods Chaining Privilege Escalation Vulnerability (6904691)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0840"
},
{
"category": "external",
"summary": "RHBZ#575846",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575846"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0840",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0840"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0840",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0840"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T00:21:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0337"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-05-25T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK Applet Trusted Methods Chaining Privilege Escalation Vulnerability (6904691)"
},
{
"cve": "CVE-2010-0841",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2010-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575854"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the ImageIO component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow in the Java Runtime Environment that allows remote attackers to execute arbitrary code via a JPEG image that contains subsample dimensions with large values, related to JPEGImageReader and \"stepX\".",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK JPEGImageReader stepX Integer Overflow Vulnerability (6909597)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0841"
},
{
"category": "external",
"summary": "RHBZ#575854",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575854"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0841",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0841"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0841",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0841"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T00:21:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0337"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK JPEGImageReader stepX Integer Overflow Vulnerability (6909597)"
},
{
"cve": "CVE-2010-0842",
"discovery_date": "2010-03-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "578436"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an uncontrolled array index that allows remote attackers to execute arbitrary code via a MIDI file with a crafted MixerSequencer object, related to the GM_Song structure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK multiple unspecified vulnerabilities",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0842"
},
{
"category": "external",
"summary": "RHBZ#578436",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=578436"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0842",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0842"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0842",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0842"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T00:21:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0337"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "JDK multiple unspecified vulnerabilities"
},
{
"cve": "CVE-2010-0843",
"discovery_date": "2010-03-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "578436"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to XNewPtr and improper handling of an integer parameter when allocating heap memory in the com.sun.media.sound libraries, which allows remote attackers to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK multiple unspecified vulnerabilities",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0843"
},
{
"category": "external",
"summary": "RHBZ#578436",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=578436"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0843",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0843"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0843",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0843"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T00:21:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0337"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "JDK multiple unspecified vulnerabilities"
},
{
"cve": "CVE-2010-0844",
"discovery_date": "2010-03-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "578436"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is for improper parsing of a crafted MIDI stream when creating a MixerSequencer object, which causes a pointer to be corrupted and allows a NULL byte to be written to arbitrary memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK multiple unspecified vulnerabilities",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0844"
},
{
"category": "external",
"summary": "RHBZ#578436",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=578436"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0844",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0844"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0844",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0844"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T00:21:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0337"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "JDK multiple unspecified vulnerabilities"
},
{
"cve": "CVE-2010-0845",
"discovery_date": "2010-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575775"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the HotSpot Server component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK No ClassCastException for HashAttributeSet constructors if run with -Xcomp (6894807)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0845"
},
{
"category": "external",
"summary": "RHBZ#575775",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575775"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0845",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0845"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0845",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0845"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T00:21:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0337"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK No ClassCastException for HashAttributeSet constructors if run with -Xcomp (6894807)"
},
{
"cve": "CVE-2010-0846",
"discovery_date": "2010-03-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "578430"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the ImageIO component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a heap-based buffer overflow that allows remote attackers to execute arbitrary code, related to an \"invalid assignment\" and inconsistent length values in a JPEG image encoder (JPEGImageEncoderImpl).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK unspecified vulnerability in ImageIO component",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0846"
},
{
"category": "external",
"summary": "RHBZ#578430",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=578430"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0846",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0846"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0846",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0846"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T00:21:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0337"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "JDK unspecified vulnerability in ImageIO component"
},
{
"cve": "CVE-2010-0847",
"discovery_date": "2010-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575871"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a heap-based buffer overflow that allows arbitrary code execution via a crafted image.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK ImagingLib arbitrary code execution vulnerability (6914866)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0847"
},
{
"category": "external",
"summary": "RHBZ#575871",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575871"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0847",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0847"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0847",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0847"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T00:21:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0337"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK ImagingLib arbitrary code execution vulnerability (6914866)"
},
{
"cve": "CVE-2010-0848",
"discovery_date": "2010-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575865"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK AWT Library Invalid Index Vulnerability (6914823)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0848"
},
{
"category": "external",
"summary": "RHBZ#575865",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575865"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0848",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0848"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0848",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0848"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T00:21:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0337"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK AWT Library Invalid Index Vulnerability (6914823)"
},
{
"cve": "CVE-2010-0849",
"discovery_date": "2010-03-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "578432"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a heap-based buffer overflow in a decoding routine used by the JPEGImageDecoderImpl interface, which allows code execution via a crafted JPEG image.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK unspecified vulnerability in Java2D component",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0849"
},
{
"category": "external",
"summary": "RHBZ#578432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=578432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0849",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0849"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0849",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0849"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T00:21:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0337"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4AS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4ES-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.i586",
"4WS-LACD:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.19-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.19-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "JDK unspecified vulnerability in Java2D component"
}
]
}
RHSA-2010:0338
Vulnerability from csaf_redhat - Published: 2010-04-01 02:56 - Updated: 2026-05-27 17:13Summary
Red Hat Security Advisory: java-1.5.0-sun security update
Severity
Critical
Notes
Topic: The java-1.5.0-sun packages as shipped in Red Hat Enterprise Linux 4 Extras
and 5 Supplementary contain security flaws and should not be used.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details: The Sun 1.5.0 Java release includes the Sun Java 5 Runtime Environment and
the Sun Java 5 Software Development Kit.
The java-1.5.0-sun packages are vulnerable to a number of security flaws
and should no longer be used. (CVE-2009-3555, CVE-2010-0082, CVE-2010-0084,
CVE-2010-0085, CVE-2010-0087, CVE-2010-0088, CVE-2010-0089, CVE-2010-0091,
CVE-2010-0092, CVE-2010-0093, CVE-2010-0094, CVE-2010-0095, CVE-2010-0837,
CVE-2010-0838, CVE-2010-0839, CVE-2010-0840, CVE-2010-0841, CVE-2010-0842,
CVE-2010-0843, CVE-2010-0844, CVE-2010-0845, CVE-2010-0846, CVE-2010-0847,
CVE-2010-0848, CVE-2010-0849)
The Sun Java SE Release family 5.0 reached its End of Service Life on
November 3, 2009. The RHSA-2009:1571 update provided the final publicly
available update of version 5.0 (Update 22). Users interested in continuing
to receive critical fixes for Sun Java SE 5.0 should contact Oracle:
http://www.sun.com/software/javaforbusiness/index.jsp
An alternative to Sun Java SE 5.0 is the Java 2 Technology Edition of the
IBM Developer Kit for Linux, which is available from the Extras and
Supplementary channels on the Red Hat Network.
Applications capable of using the Java 6 runtime can be migrated to Java 6
on: OpenJDK (java-1.6.0-openjdk), an open source JDK included in Red Hat
Enterprise Linux 5, since 5.3; the IBM JDK, java-1.6.0-ibm; or the Sun JDK,
java-1.6.0-sun.
This update removes the java-1.5.0-sun packages as they have reached their
End of Service Life.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.
4.3 ()
Affected products
Fixed
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in the HotSpot Server component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
5.1 ()
Affected products
Fixed
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2010-0091.
5.0 ()
Affected products
Fixed
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0088.
5.1 ()
Affected products
Fixed
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
7.5 ()
Affected products
Fixed
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0085.
6.8 ()
Affected products
Fixed
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect availability via unknown vectors.
5.0 ()
Affected products
Fixed
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2010-0084.
4.3 ()
Affected products
Fixed
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, and 5.0 Update 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
5.1 ()
Affected products
Fixed
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0095.
5.1 ()
Affected products
Fixed
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18 and 5.0 Update 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is due to missing privilege checks during deserialization of RMIConnectionImpl objects, which allows remote attackers to call system-level Java functions via the ClassLoader of a constructor that is being deserialized.
7.5 ()
Affected products
Fixed
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0093.
6.8 ()
Affected products
Fixed
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Unspecified vulnerability in the Pack200 component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
7.5 ()
Affected products
Fixed
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Critical
Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a stack-based buffer overflow using an untrusted size value in the readMabCurveData function in the CMM module in the JVM.
7.5 ()
Affected products
Fixed
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Critical
Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
7.5 ()
Affected products
Fixed
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to improper checks when executing privileged methods in the Java Runtime Environment (JRE), which allows attackers to execute arbitrary code via (1) an untrusted object that extends the trusted class but has not modified a certain method, or (2) "a similar trust issue with interfaces," aka "Trusted Methods Chaining Remote Code Execution Vulnerability."
7.5 ()
Affected products
Fixed
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Critical
Unspecified vulnerability in the ImageIO component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow in the Java Runtime Environment that allows remote attackers to execute arbitrary code via a JPEG image that contains subsample dimensions with large values, related to JPEGImageReader and "stepX".
7.5 ()
Affected products
Fixed
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an uncontrolled array index that allows remote attackers to execute arbitrary code via a MIDI file with a crafted MixerSequencer object, related to the GM_Song structure.
7.5 ()
Affected products
Fixed
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to XNewPtr and improper handling of an integer parameter when allocating heap memory in the com.sun.media.sound libraries, which allows remote attackers to execute arbitrary code.
7.5 ()
Affected products
Fixed
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is for improper parsing of a crafted MIDI stream when creating a MixerSequencer object, which causes a pointer to be corrupted and allows a NULL byte to be written to arbitrary memory.
7.5 ()
Affected products
Fixed
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Unspecified vulnerability in the HotSpot Server component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
5.1 ()
Affected products
Fixed
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in the ImageIO component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a heap-based buffer overflow that allows remote attackers to execute arbitrary code, related to an "invalid assignment" and inconsistent length values in a JPEG image encoder (JPEGImageEncoderImpl).
7.5 ()
Affected products
Fixed
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a heap-based buffer overflow that allows arbitrary code execution via a crafted image.
5.1 ()
Affected products
Fixed
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Critical
Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
7.5 ()
Affected products
Fixed
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Critical
Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a heap-based buffer overflow in a decoding routine used by the JPEGImageDecoderImpl interface, which allows code execution via a crafted JPEG image.
7.5 ()
Affected products
Fixed
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
References
124 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "The java-1.5.0-sun packages as shipped in Red Hat Enterprise Linux 4 Extras\nand 5 Supplementary contain security flaws and should not be used.\n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The Sun 1.5.0 Java release includes the Sun Java 5 Runtime Environment and\nthe Sun Java 5 Software Development Kit.\n\nThe java-1.5.0-sun packages are vulnerable to a number of security flaws\nand should no longer be used. (CVE-2009-3555, CVE-2010-0082, CVE-2010-0084,\nCVE-2010-0085, CVE-2010-0087, CVE-2010-0088, CVE-2010-0089, CVE-2010-0091,\nCVE-2010-0092, CVE-2010-0093, CVE-2010-0094, CVE-2010-0095, CVE-2010-0837,\nCVE-2010-0838, CVE-2010-0839, CVE-2010-0840, CVE-2010-0841, CVE-2010-0842,\nCVE-2010-0843, CVE-2010-0844, CVE-2010-0845, CVE-2010-0846, CVE-2010-0847,\nCVE-2010-0848, CVE-2010-0849)\n\nThe Sun Java SE Release family 5.0 reached its End of Service Life on\nNovember 3, 2009. The RHSA-2009:1571 update provided the final publicly\navailable update of version 5.0 (Update 22). Users interested in continuing\nto receive critical fixes for Sun Java SE 5.0 should contact Oracle:\n\nhttp://www.sun.com/software/javaforbusiness/index.jsp\n\nAn alternative to Sun Java SE 5.0 is the Java 2 Technology Edition of the\nIBM Developer Kit for Linux, which is available from the Extras and\nSupplementary channels on the Red Hat Network.\n\nApplications capable of using the Java 6 runtime can be migrated to Java 6\non: OpenJDK (java-1.6.0-openjdk), an open source JDK included in Red Hat\nEnterprise Linux 5, since 5.3; the IBM JDK, java-1.6.0-ibm; or the Sun JDK,\njava-1.6.0-sun.\n\nThis update removes the java-1.5.0-sun packages as they have reached their\nEnd of Service Life.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2010:0338",
"url": "https://access.redhat.com/errata/RHSA-2010:0338"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/javacpumar2010.html",
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/javacpumar2010.html"
},
{
"category": "external",
"summary": "533125",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=533125"
},
{
"category": "external",
"summary": "575736",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575736"
},
{
"category": "external",
"summary": "575740",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575740"
},
{
"category": "external",
"summary": "575747",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575747"
},
{
"category": "external",
"summary": "575755",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575755"
},
{
"category": "external",
"summary": "575756",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575756"
},
{
"category": "external",
"summary": "575760",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575760"
},
{
"category": "external",
"summary": "575764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575764"
},
{
"category": "external",
"summary": "575769",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575769"
},
{
"category": "external",
"summary": "575772",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575772"
},
{
"category": "external",
"summary": "575775",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575775"
},
{
"category": "external",
"summary": "575808",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575808"
},
{
"category": "external",
"summary": "575818",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575818"
},
{
"category": "external",
"summary": "575846",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575846"
},
{
"category": "external",
"summary": "575854",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575854"
},
{
"category": "external",
"summary": "575865",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575865"
},
{
"category": "external",
"summary": "575871",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575871"
},
{
"category": "external",
"summary": "578430",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=578430"
},
{
"category": "external",
"summary": "578432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=578432"
},
{
"category": "external",
"summary": "578433",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=578433"
},
{
"category": "external",
"summary": "578436",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=578436"
},
{
"category": "external",
"summary": "578440",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=578440"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2010/rhsa-2010_0338.json"
}
],
"title": "Red Hat Security Advisory: java-1.5.0-sun security update",
"tracking": {
"current_release_date": "2026-05-27T17:13:59+00:00",
"generator": {
"date": "2026-05-27T17:13:59+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2010:0338",
"initial_release_date": "2010-04-01T02:56:00+00:00",
"revision_history": [
{
"date": "2010-04-01T02:56:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2010-04-01T00:04:18+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-27T17:13:59+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::server"
}
}
},
{
"category": "product_name",
"name": "RHEL Supplementary (v. 5.2.Z server)",
"product": {
"name": "RHEL Supplementary (v. 5.2.Z server)",
"product_id": "5Server-Supplementary-5.2.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5"
}
}
},
{
"category": "product_name",
"name": "RHEL Supplementary (v. 5.3.Z server)",
"product": {
"name": "RHEL Supplementary (v. 5.3.Z server)",
"product_id": "5Server-Supplementary-5.3.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4.7.z Extras",
"product": {
"name": "Red Hat Enterprise Linux AS version 4.7.z Extras",
"product_id": "4AS-4.7.z-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4.7.z"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4.7.z Extras",
"product": {
"name": "Red Hat Enterprise Linux ES version 4.7.z Extras",
"product_id": "4ES-4.7.z-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4.7.z"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Desktop version 4 Extras",
"product": {
"name": "Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux Supplementary"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"product": {
"name": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"product_id": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-uninstall@1.5.0.22-1jpp.3.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"product_id": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-uninstall@1.5.0.22-1jpp.3.el4?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"product": {
"name": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"product_id": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-uninstall@1.5.0.22-1jpp.3.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"product": {
"name": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"product_id": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-uninstall@1.5.0.22-1jpp.3.el4?arch=i586"
}
}
}
],
"category": "architecture",
"name": "i586"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 as a component of Red Hat Enterprise Linux AS version 4.7.z Extras",
"product_id": "4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586"
},
"product_reference": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"relates_to_product_reference": "4AS-4.7.z-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4.7.z Extras",
"product_id": "4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"relates_to_product_reference": "4AS-4.7.z-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586"
},
"product_reference": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586"
},
"product_reference": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 as a component of Red Hat Enterprise Linux ES version 4.7.z Extras",
"product_id": "4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586"
},
"product_reference": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"relates_to_product_reference": "4ES-4.7.z-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4.7.z Extras",
"product_id": "4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"relates_to_product_reference": "4ES-4.7.z-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586"
},
"product_reference": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586"
},
"product_reference": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586"
},
"product_reference": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 as a component of RHEL Supplementary (v. 5.2.Z server)",
"product_id": "5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586"
},
"product_reference": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"relates_to_product_reference": "5Server-Supplementary-5.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 as a component of RHEL Supplementary (v. 5.2.Z server)",
"product_id": "5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary-5.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 as a component of RHEL Supplementary (v. 5.3.Z server)",
"product_id": "5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586"
},
"product_reference": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"relates_to_product_reference": "5Server-Supplementary-5.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 as a component of RHEL Supplementary (v. 5.3.Z server)",
"product_id": "5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary-5.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586"
},
"product_reference": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2009-3555",
"cwe": {
"id": "CWE-300",
"name": "Channel Accessible by Non-Endpoint"
},
"discovery_date": "2009-10-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "533125"
}
],
"notes": [
{
"category": "description",
"text": "The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a \"plaintext injection\" attack, aka the \"Project Mogul\" issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "TLS: MITM attacks via session renegotiation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Additional information can be found in the Red Hat Knowledgebase article:\nhttps://access.redhat.com/articles/20490",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-3555"
},
{
"category": "external",
"summary": "RHBZ#533125",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=533125"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-3555",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3555"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3555",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3555"
}
],
"release_date": "2009-11-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T02:56:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0338"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "TLS: MITM attacks via session renegotiation"
},
{
"cve": "CVE-2010-0082",
"discovery_date": "2010-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575736"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the HotSpot Server component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK Loader-constraint table allows arrays instead of only the base-classes (6626217)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0082"
},
{
"category": "external",
"summary": "RHBZ#575736",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575736"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0082",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0082"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0082",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0082"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T02:56:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0338"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK Loader-constraint table allows arrays instead of only the base-classes (6626217)"
},
{
"cve": "CVE-2010-0084",
"discovery_date": "2010-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575740"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2010-0091.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK Policy/PolicyFile leak dynamic ProtectionDomains. (6633872)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0084"
},
{
"category": "external",
"summary": "RHBZ#575740",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575740"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0084",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0084"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0084",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0084"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T02:56:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0338"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK Policy/PolicyFile leak dynamic ProtectionDomains. (6633872)"
},
{
"cve": "CVE-2010-0085",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2010-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575747"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0088.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK File TOCTOU deserialization vulnerability (6736390)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0085"
},
{
"category": "external",
"summary": "RHBZ#575747",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575747"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0085",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0085"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0085",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0085"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T02:56:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0338"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK File TOCTOU deserialization vulnerability (6736390)"
},
{
"cve": "CVE-2010-0087",
"discovery_date": "2010-03-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "578433"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK unspecified vulnerability in JWS/Plugin component",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0087"
},
{
"category": "external",
"summary": "RHBZ#578433",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=578433"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0087",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0087"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0087",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0087"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T02:56:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0338"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "JDK unspecified vulnerability in JWS/Plugin component"
},
{
"cve": "CVE-2010-0088",
"discovery_date": "2010-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575755"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0085.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK Inflater/Deflater clone issues (6745393)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0088"
},
{
"category": "external",
"summary": "RHBZ#575755",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575755"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0088",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0088"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0088",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0088"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T02:56:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0338"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK Inflater/Deflater clone issues (6745393)"
},
{
"cve": "CVE-2010-0089",
"discovery_date": "2010-03-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "578440"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect availability via unknown vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK unspecified vulnerability in JavaWS/Plugin component",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0089"
},
{
"category": "external",
"summary": "RHBZ#578440",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=578440"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0089",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0089"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0089",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0089"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T02:56:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0338"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK unspecified vulnerability in JavaWS/Plugin component"
},
{
"cve": "CVE-2010-0091",
"discovery_date": "2008-07-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575756"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2010-0084.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK Unsigned applet can retrieve the dragged information before drop action occurs(6887703)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0091"
},
{
"category": "external",
"summary": "RHBZ#575756",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575756"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0091",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0091"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0091",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0091"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T02:56:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0338"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK Unsigned applet can retrieve the dragged information before drop action occurs(6887703)"
},
{
"cve": "CVE-2010-0092",
"discovery_date": "2010-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575760"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, and 5.0 Update 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK AtomicReferenceArray causes SIGSEGV -\u003e SEGV_MAPERR error (6888149)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0092"
},
{
"category": "external",
"summary": "RHBZ#575760",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575760"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0092",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0092"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0092",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0092"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T02:56:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0338"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK AtomicReferenceArray causes SIGSEGV -\u003e SEGV_MAPERR error (6888149)"
},
{
"cve": "CVE-2010-0093",
"discovery_date": "2010-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575764"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0095.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK System.arraycopy unable to reference elements beyond Integer.MAX_VALUE bytes (6892265)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0093"
},
{
"category": "external",
"summary": "RHBZ#575764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575764"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0093",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0093"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0093",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0093"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T02:56:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0338"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK System.arraycopy unable to reference elements beyond Integer.MAX_VALUE bytes (6892265)"
},
{
"cve": "CVE-2010-0094",
"discovery_date": "2010-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575769"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18 and 5.0 Update 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is due to missing privilege checks during deserialization of RMIConnectionImpl objects, which allows remote attackers to call system-level Java functions via the ClassLoader of a constructor that is being deserialized.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK Deserialization of RMIConnectionImpl objects should enforce stricter checks (6893947)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0094"
},
{
"category": "external",
"summary": "RHBZ#575769",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575769"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0094",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0094"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0094",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0094"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T02:56:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0338"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK Deserialization of RMIConnectionImpl objects should enforce stricter checks (6893947)"
},
{
"cve": "CVE-2010-0095",
"discovery_date": "2010-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575772"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0093.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK Subclasses of InetAddress may incorrectly interpret network addresses (6893954)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0095"
},
{
"category": "external",
"summary": "RHBZ#575772",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575772"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0095",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0095"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0095",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0095"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T02:56:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0338"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK Subclasses of InetAddress may incorrectly interpret network addresses (6893954)"
},
{
"cve": "CVE-2010-0837",
"discovery_date": "2010-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575818"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Pack200 component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK JAR \"unpack200\" must verify input parameters (6902299)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0837"
},
{
"category": "external",
"summary": "RHBZ#575818",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575818"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0837",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0837"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0837",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0837"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T02:56:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0338"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK JAR \"unpack200\" must verify input parameters (6902299)"
},
{
"cve": "CVE-2010-0838",
"discovery_date": "2010-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575808"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a stack-based buffer overflow using an untrusted size value in the readMabCurveData function in the CMM module in the JVM.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK CMM readMabCurveData Buffer Overflow Vulnerability (6899653)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0838"
},
{
"category": "external",
"summary": "RHBZ#575808",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575808"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0838",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0838"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0838",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0838"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T02:56:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0338"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK CMM readMabCurveData Buffer Overflow Vulnerability (6899653)"
},
{
"cve": "CVE-2010-0839",
"discovery_date": "2010-03-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "578436"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK multiple unspecified vulnerabilities",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0839"
},
{
"category": "external",
"summary": "RHBZ#578436",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=578436"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0839",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0839"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0839",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0839"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T02:56:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0338"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "JDK multiple unspecified vulnerabilities"
},
{
"cve": "CVE-2010-0840",
"discovery_date": "2010-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575846"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to improper checks when executing privileged methods in the Java Runtime Environment (JRE), which allows attackers to execute arbitrary code via (1) an untrusted object that extends the trusted class but has not modified a certain method, or (2) \"a similar trust issue with interfaces,\" aka \"Trusted Methods Chaining Remote Code Execution Vulnerability.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK Applet Trusted Methods Chaining Privilege Escalation Vulnerability (6904691)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0840"
},
{
"category": "external",
"summary": "RHBZ#575846",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575846"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0840",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0840"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0840",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0840"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T02:56:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0338"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-05-25T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK Applet Trusted Methods Chaining Privilege Escalation Vulnerability (6904691)"
},
{
"cve": "CVE-2010-0841",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2010-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575854"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the ImageIO component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow in the Java Runtime Environment that allows remote attackers to execute arbitrary code via a JPEG image that contains subsample dimensions with large values, related to JPEGImageReader and \"stepX\".",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK JPEGImageReader stepX Integer Overflow Vulnerability (6909597)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0841"
},
{
"category": "external",
"summary": "RHBZ#575854",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575854"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0841",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0841"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0841",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0841"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T02:56:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0338"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK JPEGImageReader stepX Integer Overflow Vulnerability (6909597)"
},
{
"cve": "CVE-2010-0842",
"discovery_date": "2010-03-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "578436"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an uncontrolled array index that allows remote attackers to execute arbitrary code via a MIDI file with a crafted MixerSequencer object, related to the GM_Song structure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK multiple unspecified vulnerabilities",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0842"
},
{
"category": "external",
"summary": "RHBZ#578436",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=578436"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0842",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0842"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0842",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0842"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T02:56:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0338"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "JDK multiple unspecified vulnerabilities"
},
{
"cve": "CVE-2010-0843",
"discovery_date": "2010-03-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "578436"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to XNewPtr and improper handling of an integer parameter when allocating heap memory in the com.sun.media.sound libraries, which allows remote attackers to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK multiple unspecified vulnerabilities",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0843"
},
{
"category": "external",
"summary": "RHBZ#578436",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=578436"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0843",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0843"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0843",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0843"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T02:56:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0338"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "JDK multiple unspecified vulnerabilities"
},
{
"cve": "CVE-2010-0844",
"discovery_date": "2010-03-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "578436"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is for improper parsing of a crafted MIDI stream when creating a MixerSequencer object, which causes a pointer to be corrupted and allows a NULL byte to be written to arbitrary memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK multiple unspecified vulnerabilities",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0844"
},
{
"category": "external",
"summary": "RHBZ#578436",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=578436"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0844",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0844"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0844",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0844"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T02:56:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0338"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "JDK multiple unspecified vulnerabilities"
},
{
"cve": "CVE-2010-0845",
"discovery_date": "2010-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575775"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the HotSpot Server component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK No ClassCastException for HashAttributeSet constructors if run with -Xcomp (6894807)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0845"
},
{
"category": "external",
"summary": "RHBZ#575775",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575775"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0845",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0845"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0845",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0845"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T02:56:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0338"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK No ClassCastException for HashAttributeSet constructors if run with -Xcomp (6894807)"
},
{
"cve": "CVE-2010-0846",
"discovery_date": "2010-03-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "578430"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the ImageIO component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a heap-based buffer overflow that allows remote attackers to execute arbitrary code, related to an \"invalid assignment\" and inconsistent length values in a JPEG image encoder (JPEGImageEncoderImpl).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK unspecified vulnerability in ImageIO component",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0846"
},
{
"category": "external",
"summary": "RHBZ#578430",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=578430"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0846",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0846"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0846",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0846"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T02:56:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0338"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "JDK unspecified vulnerability in ImageIO component"
},
{
"cve": "CVE-2010-0847",
"discovery_date": "2010-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575871"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a heap-based buffer overflow that allows arbitrary code execution via a crafted image.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK ImagingLib arbitrary code execution vulnerability (6914866)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0847"
},
{
"category": "external",
"summary": "RHBZ#575871",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575871"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0847",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0847"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0847",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0847"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T02:56:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0338"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK ImagingLib arbitrary code execution vulnerability (6914866)"
},
{
"cve": "CVE-2010-0848",
"discovery_date": "2010-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575865"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK AWT Library Invalid Index Vulnerability (6914823)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0848"
},
{
"category": "external",
"summary": "RHBZ#575865",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575865"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0848",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0848"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0848",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0848"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T02:56:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0338"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK AWT Library Invalid Index Vulnerability (6914823)"
},
{
"cve": "CVE-2010-0849",
"discovery_date": "2010-03-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "578432"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a heap-based buffer overflow in a decoding routine used by the JPEGImageDecoderImpl interface, which allows code execution via a crafted JPEG image.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK unspecified vulnerability in Java2D component",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0849"
},
{
"category": "external",
"summary": "RHBZ#578432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=578432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0849",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0849"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0849",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0849"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T02:56:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0338"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4AS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-4.7.z-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4ES-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.i586",
"4WS-LACD:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.2.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary-5.3.Z:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-uninstall-0:1.5.0.22-1jpp.3.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "JDK unspecified vulnerability in Java2D component"
}
]
}
RHSA-2010:0339
Vulnerability from csaf_redhat - Published: 2010-04-01 00:14 - Updated: 2026-05-27 17:14Summary
Red Hat Security Advisory: java-1.6.0-openjdk security update
Severity
Important
Notes
Topic: Updated java-1.6.0-openjdk packages that fix several security issues are
now available for Red Hat Enterprise Linux 5.
The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
Details: These packages provide the OpenJDK 6 Java Runtime Environment and the
OpenJDK 6 Software Development Kit. The Java Runtime Environment (JRE)
contains the software and tools that users need to run applications written
using the Java programming language.
A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure
Sockets Layer) protocols handle session renegotiation. A man-in-the-middle
attacker could use this flaw to prefix arbitrary plain text to a client's
session (for example, an HTTPS connection to a website). This could force
the server to process an attacker's request as if authenticated using the
victim's credentials. (CVE-2009-3555)
This update disables renegotiation in the Java Secure Socket Extension
(JSSE) component. Unsafe renegotiation can be re-enabled using the
sun.security.ssl.allowUnsafeRenegotiation property. Refer to the following
Knowledgebase article for details:
http://kbase.redhat.com/faq/docs/DOC-20491
A number of flaws have been fixed in the Java Virtual Machine (JVM) and in
various Java class implementations. These flaws could allow an unsigned
applet or application to bypass intended access restrictions.
(CVE-2010-0082, CVE-2010-0084, CVE-2010-0085, CVE-2010-0088, CVE-2010-0094)
An untrusted applet could access clipboard information if a drag operation
was performed over that applet's canvas. This could lead to an information
leak. (CVE-2010-0091)
The rawIndex operation incorrectly handled large values, causing the
corruption of internal memory structures, resulting in an untrusted applet
or application crashing. (CVE-2010-0092)
The System.arraycopy operation incorrectly handled large index values,
potentially causing array corruption in an untrusted applet or application.
(CVE-2010-0093)
Subclasses of InetAddress may incorrectly interpret network addresses,
allowing an untrusted applet or application to bypass network access
restrictions. (CVE-2010-0095)
In certain cases, type assignments could result in "non-exact" interface
types. This could be used to bypass type-safety restrictions.
(CVE-2010-0845)
A buffer overflow flaw in LittleCMS (embedded in OpenJDK) could cause an
untrusted applet or application using color profiles from untrusted sources
to crash. (CVE-2010-0838)
An input validation flaw was found in the JRE unpack200 functionality. An
untrusted applet or application could use this flaw to elevate its
privileges. (CVE-2010-0837)
Deferred calls to trusted applet methods could be granted incorrect
permissions, allowing an untrusted applet or application to extend its
privileges. (CVE-2010-0840)
A missing input validation flaw in the JRE could allow an attacker to crash
an untrusted applet or application. (CVE-2010-0848)
A flaw in Java2D could allow an attacker to execute arbitrary code with the
privileges of a user running an untrusted applet or application that uses
Java2D. (CVE-2010-0847)
Note: The flaws concerning applets in this advisory, CVE-2010-0082,
CVE-2010-0084, CVE-2010-0085, CVE-2010-0088, CVE-2010-0091, CVE-2010-0092,
CVE-2010-0093, CVE-2010-0094, CVE-2010-0095, CVE-2010-0837, CVE-2010-0838,
CVE-2010-0840, CVE-2010-0847, and CVE-2010-0848, can only be triggered in
java-1.6.0-openjdk by calling the "appletviewer" application.
This update also provides three defense in depth patches. (BZ#575745,
BZ#575861, BZ#575789)
All users of java-1.6.0-openjdk are advised to upgrade to these updated
packages, which resolve these issues. All running instances of OpenJDK Java
must be restarted for the update to take effect.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.
4.3 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in the HotSpot Server component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
5.1 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2010-0091.
5.0 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0088.
5.1 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0085.
6.8 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2010-0084.
4.3 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, and 5.0 Update 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
5.1 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0095.
5.1 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18 and 5.0 Update 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is due to missing privilege checks during deserialization of RMIConnectionImpl objects, which allows remote attackers to call system-level Java functions via the ClassLoader of a constructor that is being deserialized.
7.5 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0093.
6.8 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Unspecified vulnerability in the Pack200 component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
7.5 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Critical
Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a stack-based buffer overflow using an untrusted size value in the readMabCurveData function in the CMM module in the JVM.
7.5 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Critical
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to improper checks when executing privileged methods in the Java Runtime Environment (JRE), which allows attackers to execute arbitrary code via (1) an untrusted object that extends the trusted class but has not modified a certain method, or (2) "a similar trust issue with interfaces," aka "Trusted Methods Chaining Remote Code Execution Vulnerability."
7.5 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Critical
Unspecified vulnerability in the HotSpot Server component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
5.1 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a heap-based buffer overflow that allows arbitrary code execution via a crafted image.
5.1 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Critical
Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
7.5 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Critical
References
88 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated java-1.6.0-openjdk packages that fix several security issues are\nnow available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "These packages provide the OpenJDK 6 Java Runtime Environment and the\nOpenJDK 6 Software Development Kit. The Java Runtime Environment (JRE)\ncontains the software and tools that users need to run applications written\nusing the Java programming language.\n\nA flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\nSockets Layer) protocols handle session renegotiation. A man-in-the-middle\nattacker could use this flaw to prefix arbitrary plain text to a client\u0027s\nsession (for example, an HTTPS connection to a website). This could force\nthe server to process an attacker\u0027s request as if authenticated using the\nvictim\u0027s credentials. (CVE-2009-3555)\n\nThis update disables renegotiation in the Java Secure Socket Extension\n(JSSE) component. Unsafe renegotiation can be re-enabled using the\nsun.security.ssl.allowUnsafeRenegotiation property. Refer to the following\nKnowledgebase article for details:\nhttp://kbase.redhat.com/faq/docs/DOC-20491\n\nA number of flaws have been fixed in the Java Virtual Machine (JVM) and in\nvarious Java class implementations. These flaws could allow an unsigned\napplet or application to bypass intended access restrictions.\n(CVE-2010-0082, CVE-2010-0084, CVE-2010-0085, CVE-2010-0088, CVE-2010-0094)\n\nAn untrusted applet could access clipboard information if a drag operation\nwas performed over that applet\u0027s canvas. This could lead to an information\nleak. (CVE-2010-0091)\n\nThe rawIndex operation incorrectly handled large values, causing the\ncorruption of internal memory structures, resulting in an untrusted applet\nor application crashing. (CVE-2010-0092)\n\nThe System.arraycopy operation incorrectly handled large index values,\npotentially causing array corruption in an untrusted applet or application.\n(CVE-2010-0093)\n\nSubclasses of InetAddress may incorrectly interpret network addresses,\nallowing an untrusted applet or application to bypass network access\nrestrictions. (CVE-2010-0095)\n\nIn certain cases, type assignments could result in \"non-exact\" interface\ntypes. This could be used to bypass type-safety restrictions.\n(CVE-2010-0845)\n\nA buffer overflow flaw in LittleCMS (embedded in OpenJDK) could cause an\nuntrusted applet or application using color profiles from untrusted sources\nto crash. (CVE-2010-0838)\n\nAn input validation flaw was found in the JRE unpack200 functionality. An\nuntrusted applet or application could use this flaw to elevate its\nprivileges. (CVE-2010-0837)\n\nDeferred calls to trusted applet methods could be granted incorrect\npermissions, allowing an untrusted applet or application to extend its\nprivileges. (CVE-2010-0840)\n\nA missing input validation flaw in the JRE could allow an attacker to crash\nan untrusted applet or application. (CVE-2010-0848)\n\nA flaw in Java2D could allow an attacker to execute arbitrary code with the\nprivileges of a user running an untrusted applet or application that uses\nJava2D. (CVE-2010-0847)\n\nNote: The flaws concerning applets in this advisory, CVE-2010-0082,\nCVE-2010-0084, CVE-2010-0085, CVE-2010-0088, CVE-2010-0091, CVE-2010-0092,\nCVE-2010-0093, CVE-2010-0094, CVE-2010-0095, CVE-2010-0837, CVE-2010-0838,\nCVE-2010-0840, CVE-2010-0847, and CVE-2010-0848, can only be triggered in\njava-1.6.0-openjdk by calling the \"appletviewer\" application.\n\nThis update also provides three defense in depth patches. (BZ#575745,\nBZ#575861, BZ#575789)\n\nAll users of java-1.6.0-openjdk are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK Java\nmust be restarted for the update to take effect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2010:0339",
"url": "https://access.redhat.com/errata/RHSA-2010:0339"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "http://kbase.redhat.com/faq/docs/DOC-20491",
"url": "http://kbase.redhat.com/faq/docs/DOC-20491"
},
{
"category": "external",
"summary": "533125",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=533125"
},
{
"category": "external",
"summary": "575736",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575736"
},
{
"category": "external",
"summary": "575740",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575740"
},
{
"category": "external",
"summary": "575745",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575745"
},
{
"category": "external",
"summary": "575747",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575747"
},
{
"category": "external",
"summary": "575755",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575755"
},
{
"category": "external",
"summary": "575756",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575756"
},
{
"category": "external",
"summary": "575760",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575760"
},
{
"category": "external",
"summary": "575764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575764"
},
{
"category": "external",
"summary": "575769",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575769"
},
{
"category": "external",
"summary": "575772",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575772"
},
{
"category": "external",
"summary": "575775",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575775"
},
{
"category": "external",
"summary": "575789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575789"
},
{
"category": "external",
"summary": "575808",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575808"
},
{
"category": "external",
"summary": "575818",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575818"
},
{
"category": "external",
"summary": "575846",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575846"
},
{
"category": "external",
"summary": "575861",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575861"
},
{
"category": "external",
"summary": "575865",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575865"
},
{
"category": "external",
"summary": "575871",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575871"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2010/rhsa-2010_0339.json"
}
],
"title": "Red Hat Security Advisory: java-1.6.0-openjdk security update",
"tracking": {
"current_release_date": "2026-05-27T17:14:07+00:00",
"generator": {
"date": "2026-05-27T17:14:07+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2010:0339",
"initial_release_date": "2010-04-01T00:14:00+00:00",
"revision_history": [
{
"date": "2010-04-01T00:14:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2010-03-31T20:14:40+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-27T17:14:07+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product": {
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"product": {
"name": "java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"product_id": "java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-openjdk-src@1.6.0.0-1.11.b16.el5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"product": {
"name": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"product_id": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-openjdk-javadoc@1.6.0.0-1.11.b16.el5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"product": {
"name": "java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"product_id": "java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-openjdk@1.6.0.0-1.11.b16.el5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"product": {
"name": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"product_id": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-openjdk-debuginfo@1.6.0.0-1.11.b16.el5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"product": {
"name": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"product_id": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-openjdk-demo@1.6.0.0-1.11.b16.el5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"product": {
"name": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"product_id": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-openjdk-devel@1.6.0.0-1.11.b16.el5?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"product": {
"name": "java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"product_id": "java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-openjdk-src@1.6.0.0-1.11.b16.el5?arch=i386\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"product": {
"name": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"product_id": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-openjdk-javadoc@1.6.0.0-1.11.b16.el5?arch=i386\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"product": {
"name": "java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"product_id": "java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-openjdk@1.6.0.0-1.11.b16.el5?arch=i386\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"product": {
"name": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"product_id": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-openjdk-debuginfo@1.6.0.0-1.11.b16.el5?arch=i386\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"product": {
"name": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"product_id": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-openjdk-demo@1.6.0.0-1.11.b16.el5?arch=i386\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"product": {
"name": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"product_id": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-openjdk-devel@1.6.0.0-1.11.b16.el5?arch=i386\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"product": {
"name": "java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"product_id": "java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-openjdk@1.6.0.0-1.11.b16.el5?arch=src\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386"
},
"product_reference": "java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src"
},
"product_reference": "java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64"
},
"product_reference": "java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386"
},
"product_reference": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64"
},
"product_reference": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386"
},
"product_reference": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64"
},
"product_reference": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386"
},
"product_reference": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64"
},
"product_reference": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386"
},
"product_reference": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64"
},
"product_reference": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386"
},
"product_reference": "java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
},
"product_reference": "java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386"
},
"product_reference": "java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src"
},
"product_reference": "java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64"
},
"product_reference": "java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386"
},
"product_reference": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64"
},
"product_reference": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386"
},
"product_reference": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64"
},
"product_reference": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386"
},
"product_reference": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64"
},
"product_reference": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386"
},
"product_reference": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64"
},
"product_reference": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386"
},
"product_reference": "java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
},
"product_reference": "java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"relates_to_product_reference": "5Server"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2009-3555",
"cwe": {
"id": "CWE-300",
"name": "Channel Accessible by Non-Endpoint"
},
"discovery_date": "2009-10-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "533125"
}
],
"notes": [
{
"category": "description",
"text": "The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a \"plaintext injection\" attack, aka the \"Project Mogul\" issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "TLS: MITM attacks via session renegotiation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Additional information can be found in the Red Hat Knowledgebase article:\nhttps://access.redhat.com/articles/20490",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-3555"
},
{
"category": "external",
"summary": "RHBZ#533125",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=533125"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-3555",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3555"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3555",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3555"
}
],
"release_date": "2009-11-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T00:14:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0339"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "TLS: MITM attacks via session renegotiation"
},
{
"cve": "CVE-2010-0082",
"discovery_date": "2010-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575736"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the HotSpot Server component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK Loader-constraint table allows arrays instead of only the base-classes (6626217)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0082"
},
{
"category": "external",
"summary": "RHBZ#575736",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575736"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0082",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0082"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0082",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0082"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T00:14:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0339"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK Loader-constraint table allows arrays instead of only the base-classes (6626217)"
},
{
"cve": "CVE-2010-0084",
"discovery_date": "2010-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575740"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2010-0091.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK Policy/PolicyFile leak dynamic ProtectionDomains. (6633872)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0084"
},
{
"category": "external",
"summary": "RHBZ#575740",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575740"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0084",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0084"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0084",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0084"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T00:14:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0339"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK Policy/PolicyFile leak dynamic ProtectionDomains. (6633872)"
},
{
"cve": "CVE-2010-0085",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2010-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575747"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0088.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK File TOCTOU deserialization vulnerability (6736390)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0085"
},
{
"category": "external",
"summary": "RHBZ#575747",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575747"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0085",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0085"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0085",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0085"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T00:14:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0339"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK File TOCTOU deserialization vulnerability (6736390)"
},
{
"cve": "CVE-2010-0088",
"discovery_date": "2010-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575755"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0085.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK Inflater/Deflater clone issues (6745393)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0088"
},
{
"category": "external",
"summary": "RHBZ#575755",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575755"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0088",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0088"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0088",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0088"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T00:14:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0339"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK Inflater/Deflater clone issues (6745393)"
},
{
"cve": "CVE-2010-0091",
"discovery_date": "2008-07-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575756"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2010-0084.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK Unsigned applet can retrieve the dragged information before drop action occurs(6887703)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0091"
},
{
"category": "external",
"summary": "RHBZ#575756",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575756"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0091",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0091"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0091",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0091"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T00:14:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0339"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK Unsigned applet can retrieve the dragged information before drop action occurs(6887703)"
},
{
"cve": "CVE-2010-0092",
"discovery_date": "2010-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575760"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, and 5.0 Update 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK AtomicReferenceArray causes SIGSEGV -\u003e SEGV_MAPERR error (6888149)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0092"
},
{
"category": "external",
"summary": "RHBZ#575760",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575760"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0092",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0092"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0092",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0092"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T00:14:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0339"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK AtomicReferenceArray causes SIGSEGV -\u003e SEGV_MAPERR error (6888149)"
},
{
"cve": "CVE-2010-0093",
"discovery_date": "2010-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575764"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0095.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK System.arraycopy unable to reference elements beyond Integer.MAX_VALUE bytes (6892265)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0093"
},
{
"category": "external",
"summary": "RHBZ#575764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575764"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0093",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0093"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0093",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0093"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T00:14:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0339"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK System.arraycopy unable to reference elements beyond Integer.MAX_VALUE bytes (6892265)"
},
{
"cve": "CVE-2010-0094",
"discovery_date": "2010-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575769"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18 and 5.0 Update 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is due to missing privilege checks during deserialization of RMIConnectionImpl objects, which allows remote attackers to call system-level Java functions via the ClassLoader of a constructor that is being deserialized.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK Deserialization of RMIConnectionImpl objects should enforce stricter checks (6893947)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0094"
},
{
"category": "external",
"summary": "RHBZ#575769",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575769"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0094",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0094"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0094",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0094"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T00:14:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0339"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK Deserialization of RMIConnectionImpl objects should enforce stricter checks (6893947)"
},
{
"cve": "CVE-2010-0095",
"discovery_date": "2010-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575772"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0093.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK Subclasses of InetAddress may incorrectly interpret network addresses (6893954)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0095"
},
{
"category": "external",
"summary": "RHBZ#575772",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575772"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0095",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0095"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0095",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0095"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T00:14:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0339"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK Subclasses of InetAddress may incorrectly interpret network addresses (6893954)"
},
{
"cve": "CVE-2010-0837",
"discovery_date": "2010-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575818"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Pack200 component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK JAR \"unpack200\" must verify input parameters (6902299)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0837"
},
{
"category": "external",
"summary": "RHBZ#575818",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575818"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0837",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0837"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0837",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0837"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T00:14:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0339"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK JAR \"unpack200\" must verify input parameters (6902299)"
},
{
"cve": "CVE-2010-0838",
"discovery_date": "2010-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575808"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a stack-based buffer overflow using an untrusted size value in the readMabCurveData function in the CMM module in the JVM.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK CMM readMabCurveData Buffer Overflow Vulnerability (6899653)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0838"
},
{
"category": "external",
"summary": "RHBZ#575808",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575808"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0838",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0838"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0838",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0838"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T00:14:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0339"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK CMM readMabCurveData Buffer Overflow Vulnerability (6899653)"
},
{
"cve": "CVE-2010-0840",
"discovery_date": "2010-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575846"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to improper checks when executing privileged methods in the Java Runtime Environment (JRE), which allows attackers to execute arbitrary code via (1) an untrusted object that extends the trusted class but has not modified a certain method, or (2) \"a similar trust issue with interfaces,\" aka \"Trusted Methods Chaining Remote Code Execution Vulnerability.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK Applet Trusted Methods Chaining Privilege Escalation Vulnerability (6904691)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0840"
},
{
"category": "external",
"summary": "RHBZ#575846",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575846"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0840",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0840"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0840",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0840"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T00:14:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0339"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-05-25T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK Applet Trusted Methods Chaining Privilege Escalation Vulnerability (6904691)"
},
{
"cve": "CVE-2010-0845",
"discovery_date": "2010-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575775"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the HotSpot Server component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK No ClassCastException for HashAttributeSet constructors if run with -Xcomp (6894807)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0845"
},
{
"category": "external",
"summary": "RHBZ#575775",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575775"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0845",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0845"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0845",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0845"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T00:14:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0339"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK No ClassCastException for HashAttributeSet constructors if run with -Xcomp (6894807)"
},
{
"cve": "CVE-2010-0847",
"discovery_date": "2010-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575871"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a heap-based buffer overflow that allows arbitrary code execution via a crafted image.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK ImagingLib arbitrary code execution vulnerability (6914866)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0847"
},
{
"category": "external",
"summary": "RHBZ#575871",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575871"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0847",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0847"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0847",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0847"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T00:14:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0339"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK ImagingLib arbitrary code execution vulnerability (6914866)"
},
{
"cve": "CVE-2010-0848",
"discovery_date": "2010-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "575865"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK AWT Library Invalid Index Vulnerability (6914823)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-0848"
},
{
"category": "external",
"summary": "RHBZ#575865",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=575865"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-0848",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0848"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0848",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0848"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-04-01T00:14:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0339"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.11.b16.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.11.b16.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK AWT Library Invalid Index Vulnerability (6914823)"
}
]
}
RHSA-2010:0408
Vulnerability from csaf_redhat - Published: 2010-05-12 16:21 - Updated: 2026-05-27 17:14Summary
Red Hat Security Advisory: java-1.4.2-ibm security update
Severity
Moderate
Notes
Topic: Updated java-1.4.2-ibm packages that fix various security issues are now
available for Red Hat Enterprise Linux 4 and 5 for SAP.
The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details: The IBM 1.4.2 SR13-FP4 Java release includes the IBM Java 2 Runtime
Environment and the IBM Java 2 Software Development Kit.
This update fixes various vulnerabilities in the IBM Java 2 Runtime
Environment and the IBM Java 2 Software Development Kit. These
vulnerabilities are summarized on the IBM "Security alerts" page listed in
the References section. (CVE-2009-3555, CVE-2009-3867, CVE-2009-3869,
CVE-2009-3871, CVE-2009-3874, CVE-2009-3875)
For the CVE-2009-3555 issue, this update disables renegotiation in the
non-default IBM JSSE2 provider for the Java Secure Socket Extension (JSSE)
component. The default JSSE provider is not updated with this fix. Refer to
the IBMJSSE2 Provider Reference Guide, linked to in the References, for
instructions on how to configure the IBM Java 2 Runtime Environment to use
the JSSE2 provider by default.
When using the JSSE2 provider, unsafe renegotiation can be re-enabled using
the com.ibm.jsse2.renegotiate property. Refer to the following
Knowledgebase article for details:
http://kbase.redhat.com/faq/docs/DOC-20491
Warning: Do not install these java-1.4.2-ibm packages for SAP alongside the
java-1.4.2-ibm packages from the Red Hat Enterprise Linux Extras or
Supplementary channels on the Red Hat Network. Doing so could cause your
system to fail to update cleanly, among other possible problems.
All users of java-1.4.2-ibm for Red Hat Enterprise Linux 4 and 5 for SAP
are advised to upgrade to these updated packages, which contain the IBM
1.4.2 SR13-FP4 Java release. All running instances of IBM Java must be
restarted for this update to take effect.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.
4.3 ()
Affected products
Fixed
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Stack-based buffer overflow in the HsbParser.getSoundBank function in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a long file: URL in an argument, aka Bug Id 6854303.
6.8 ()
Affected products
Fixed
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Stack-based buffer overflow in the setDiffICM function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a crafted argument, aka Bug Id 6872357.
6.8 ()
Affected products
Fixed
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Heap-based buffer overflow in the setBytePixels function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via crafted arguments, aka Bug Id 6872358.
6.8 ()
Affected products
Fixed
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Integer overflow in the JPEGImageReader implementation in the ImageI/O component in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via large subsample dimensions in a JPEG file that triggers a heap-based buffer overflow, aka Bug Id 6874643.
6.8 ()
Affected products
Fixed
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
The MessageDigest.isEqual function in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to spoof HMAC-based digital signatures, and possibly bypass authentication, via unspecified vectors related to "timing attack vulnerabilities," aka Bug Id 6863503.
4.3 ()
Affected products
Fixed
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
36 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated java-1.4.2-ibm packages that fix various security issues are now\navailable for Red Hat Enterprise Linux 4 and 5 for SAP.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The IBM 1.4.2 SR13-FP4 Java release includes the IBM Java 2 Runtime\nEnvironment and the IBM Java 2 Software Development Kit.\n\nThis update fixes various vulnerabilities in the IBM Java 2 Runtime\nEnvironment and the IBM Java 2 Software Development Kit. These\nvulnerabilities are summarized on the IBM \"Security alerts\" page listed in\nthe References section. (CVE-2009-3555, CVE-2009-3867, CVE-2009-3869,\nCVE-2009-3871, CVE-2009-3874, CVE-2009-3875)\n\nFor the CVE-2009-3555 issue, this update disables renegotiation in the\nnon-default IBM JSSE2 provider for the Java Secure Socket Extension (JSSE)\ncomponent. The default JSSE provider is not updated with this fix. Refer to\nthe IBMJSSE2 Provider Reference Guide, linked to in the References, for\ninstructions on how to configure the IBM Java 2 Runtime Environment to use\nthe JSSE2 provider by default.\n\nWhen using the JSSE2 provider, unsafe renegotiation can be re-enabled using\nthe com.ibm.jsse2.renegotiate property. Refer to the following\nKnowledgebase article for details:\nhttp://kbase.redhat.com/faq/docs/DOC-20491\n\nWarning: Do not install these java-1.4.2-ibm packages for SAP alongside the\njava-1.4.2-ibm packages from the Red Hat Enterprise Linux Extras or\nSupplementary channels on the Red Hat Network. Doing so could cause your\nsystem to fail to update cleanly, among other possible problems.\n\nAll users of java-1.4.2-ibm for Red Hat Enterprise Linux 4 and 5 for SAP\nare advised to upgrade to these updated packages, which contain the IBM\n1.4.2 SR13-FP4 Java release. All running instances of IBM Java must be\nrestarted for this update to take effect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2010:0408",
"url": "https://access.redhat.com/errata/RHSA-2010:0408"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "http://kbase.redhat.com/faq/docs/DOC-20491",
"url": "http://kbase.redhat.com/faq/docs/DOC-20491"
},
{
"category": "external",
"summary": "http://www.ibm.com/developerworks/java/jdk/alerts/",
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
},
{
"category": "external",
"summary": "http://www.ibm.com/developerworks/java/jdk/security/142/secguides/jsse2docs/JSSE2RefGuide.html",
"url": "http://www.ibm.com/developerworks/java/jdk/security/142/secguides/jsse2docs/JSSE2RefGuide.html"
},
{
"category": "external",
"summary": "530057",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=530057"
},
{
"category": "external",
"summary": "530062",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=530062"
},
{
"category": "external",
"summary": "530063",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=530063"
},
{
"category": "external",
"summary": "530067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=530067"
},
{
"category": "external",
"summary": "533125",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=533125"
},
{
"category": "external",
"summary": "533214",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=533214"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2010/rhsa-2010_0408.json"
}
],
"title": "Red Hat Security Advisory: java-1.4.2-ibm security update",
"tracking": {
"current_release_date": "2026-05-27T17:14:10+00:00",
"generator": {
"date": "2026-05-27T17:14:10+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2010:0408",
"initial_release_date": "2010-05-12T16:21:00+00:00",
"revision_history": [
{
"date": "2010-05-12T16:21:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2010-05-12T12:21:43+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-27T17:14:10+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHEL 4 AS for SAP",
"product": {
"name": "RHEL 4 AS for SAP",
"product_id": "4AS-SAP",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_sap:4"
}
}
},
{
"category": "product_name",
"name": "RHEL 5 Server for SAP",
"product": {
"name": "RHEL 5 Server for SAP",
"product_id": "5Server-SAP",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_sap:5"
}
}
}
],
"category": "product_family",
"name": "RHEL for SAP"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"product": {
"name": "java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"product_id": "java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.4.2-ibm-demo@1.4.2.13.4.sap-1jpp.1.el4_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"product": {
"name": "java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"product_id": "java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.4.2-ibm-src@1.4.2.13.4.sap-1jpp.1.el4_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"product": {
"name": "java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"product_id": "java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.4.2-ibm-javacomm@1.4.2.13.4.sap-1jpp.1.el4_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"product": {
"name": "java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"product_id": "java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.4.2-ibm-devel@1.4.2.13.4.sap-1jpp.1.el4_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"product": {
"name": "java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"product_id": "java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.4.2-ibm@1.4.2.13.4.sap-1jpp.1.el4_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"product": {
"name": "java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"product_id": "java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.4.2-ibm-devel@1.4.2.13.4.sap-1jpp.1.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"product": {
"name": "java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"product_id": "java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.4.2-ibm-src@1.4.2.13.4.sap-1jpp.1.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"product": {
"name": "java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"product_id": "java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.4.2-ibm-javacomm@1.4.2.13.4.sap-1jpp.1.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"product": {
"name": "java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"product_id": "java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.4.2-ibm@1.4.2.13.4.sap-1jpp.1.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"product": {
"name": "java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"product_id": "java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.4.2-ibm-demo@1.4.2.13.4.sap-1jpp.1.el5?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64 as a component of RHEL 4 AS for SAP",
"product_id": "4AS-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64"
},
"product_reference": "java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"relates_to_product_reference": "4AS-SAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64 as a component of RHEL 4 AS for SAP",
"product_id": "4AS-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64"
},
"product_reference": "java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"relates_to_product_reference": "4AS-SAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64 as a component of RHEL 4 AS for SAP",
"product_id": "4AS-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64"
},
"product_reference": "java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"relates_to_product_reference": "4AS-SAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64 as a component of RHEL 4 AS for SAP",
"product_id": "4AS-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64"
},
"product_reference": "java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"relates_to_product_reference": "4AS-SAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64 as a component of RHEL 4 AS for SAP",
"product_id": "4AS-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64"
},
"product_reference": "java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"relates_to_product_reference": "4AS-SAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64 as a component of RHEL 5 Server for SAP",
"product_id": "5Server-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-SAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64 as a component of RHEL 5 Server for SAP",
"product_id": "5Server-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-SAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64 as a component of RHEL 5 Server for SAP",
"product_id": "5Server-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-SAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64 as a component of RHEL 5 Server for SAP",
"product_id": "5Server-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-SAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64 as a component of RHEL 5 Server for SAP",
"product_id": "5Server-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-SAP"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2009-3555",
"cwe": {
"id": "CWE-300",
"name": "Channel Accessible by Non-Endpoint"
},
"discovery_date": "2009-10-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "533125"
}
],
"notes": [
{
"category": "description",
"text": "The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a \"plaintext injection\" attack, aka the \"Project Mogul\" issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "TLS: MITM attacks via session renegotiation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Additional information can be found in the Red Hat Knowledgebase article:\nhttps://access.redhat.com/articles/20490",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"5Server-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-3555"
},
{
"category": "external",
"summary": "RHBZ#533125",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=533125"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-3555",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3555"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3555",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3555"
}
],
"release_date": "2009-11-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-05-12T16:21:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"5Server-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0408"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"4AS-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"5Server-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "TLS: MITM attacks via session renegotiation"
},
{
"cve": "CVE-2009-3867",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"discovery_date": "2009-11-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "533214"
}
],
"notes": [
{
"category": "description",
"text": "Stack-based buffer overflow in the HsbParser.getSoundBank function in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a long file: URL in an argument, aka Bug Id 6854303.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "java-1.6.0-sun: Stack-based buffer overflow via a long file: URL argument (6854303)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"5Server-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-3867"
},
{
"category": "external",
"summary": "RHBZ#533214",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=533214"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-3867",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3867"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3867",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3867"
}
],
"release_date": "2009-11-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-05-12T16:21:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"5Server-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0408"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"5Server-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "java-1.6.0-sun: Stack-based buffer overflow via a long file: URL argument (6854303)"
},
{
"cve": "CVE-2009-3869",
"discovery_date": "2009-10-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "530062"
}
],
"notes": [
{
"category": "description",
"text": "Stack-based buffer overflow in the setDiffICM function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a crafted argument, aka Bug Id 6872357.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK JRE AWT setDifflCM stack overflow (6872357)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"5Server-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-3869"
},
{
"category": "external",
"summary": "RHBZ#530062",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=530062"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-3869",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3869"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3869",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3869"
}
],
"release_date": "2009-11-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-05-12T16:21:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"5Server-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0408"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"5Server-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK JRE AWT setDifflCM stack overflow (6872357)"
},
{
"cve": "CVE-2009-3871",
"discovery_date": "2009-10-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "530063"
}
],
"notes": [
{
"category": "description",
"text": "Heap-based buffer overflow in the setBytePixels function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via crafted arguments, aka Bug Id 6872358.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK JRE AWT setBytePixels heap overflow (6872358)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"5Server-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-3871"
},
{
"category": "external",
"summary": "RHBZ#530063",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=530063"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-3871",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3871"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3871",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3871"
}
],
"release_date": "2009-11-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-05-12T16:21:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"5Server-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0408"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"5Server-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK JRE AWT setBytePixels heap overflow (6872358)"
},
{
"cve": "CVE-2009-3874",
"discovery_date": "2009-10-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "530067"
}
],
"notes": [
{
"category": "description",
"text": "Integer overflow in the JPEGImageReader implementation in the ImageI/O component in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via large subsample dimensions in a JPEG file that triggers a heap-based buffer overflow, aka Bug Id 6874643.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK ImageI/O JPEG heap overflow (6874643)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"5Server-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-3874"
},
{
"category": "external",
"summary": "RHBZ#530067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=530067"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-3874",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3874"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3874",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3874"
}
],
"release_date": "2009-11-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-05-12T16:21:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"5Server-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0408"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"5Server-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK ImageI/O JPEG heap overflow (6874643)"
},
{
"cve": "CVE-2009-3875",
"discovery_date": "2009-10-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "530057"
}
],
"notes": [
{
"category": "description",
"text": "The MessageDigest.isEqual function in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to spoof HMAC-based digital signatures, and possibly bypass authentication, via unspecified vectors related to \"timing attack vulnerabilities,\" aka Bug Id 6863503.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK MessageDigest.isEqual introduces timing attack vulnerabilities (6863503)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"5Server-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-3875"
},
{
"category": "external",
"summary": "RHBZ#530057",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=530057"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-3875",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3875"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3875",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3875"
}
],
"release_date": "2009-11-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-05-12T16:21:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"5Server-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0408"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"4AS-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"4AS-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el4_8.x86_64",
"5Server-SAP:java-1.4.2-ibm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-demo-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-devel-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-javacomm-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64",
"5Server-SAP:java-1.4.2-ibm-src-0:1.4.2.13.4.sap-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK MessageDigest.isEqual introduces timing attack vulnerabilities (6863503)"
}
]
}
RHSA-2010:0440
Vulnerability from csaf_redhat - Published: 2010-05-25 20:41 - Updated: 2026-05-27 17:14Summary
Red Hat Security Advisory: rhev-hypervisor security and bug fix update
Severity
Important
Notes
Topic: An updated rhev-hypervisor package that fixes two security issues and
several bugs is now available.
The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
Details: The rhev-hypervisor package provides a Red Hat Enterprise Virtualization
(RHEV) Hypervisor ISO disk image. The RHEV Hypervisor is a dedicated
Kernel-based Virtual Machine (KVM) hypervisor. It includes everything
necessary to run and manage virtual machines: A subset of the Red Hat
Enterprise Linux operating environment and the Red Hat Enterprise
Virtualization Agent.
Note: RHEV Hypervisor is only available for the Intel 64 and AMD64
architectures with virtualization extensions.
It was discovered that OpenSSL did not always check the return value of
the bn_wexpand() function. An attacker able to trigger a memory allocation
failure in that function could cause an application using the OpenSSL
library to crash or, possibly, execute arbitrary code. (CVE-2009-3245)
A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure
Sockets Layer) protocols handled session renegotiation. A man-in-the-middle
attacker could use this flaw to prefix arbitrary plain text to a client's
session (for example, an HTTPS connection to a website). This could force
the server to process an attacker's request as if authenticated using the
victim's credentials. This update addresses this flaw in openssl, nss, and
gnutls by implementing the TLS Renegotiation Indication Extension, as
defined in RFC 5746. (CVE-2009-3555)
This updated package provides updated components that include fixes for
security issues; however, these issues have no security impact for RHEV
Hypervisor. These fixes are for kernel issues CVE-2009-4307, CVE-2010-0727,
CVE-2009-4027, and CVE-2010-1188; cpio issues CVE-2010-0624 and
CVE-2007-4476; gnutls issue CVE-2009-2409; openssl issue CVE-2010-0433; and
tar issues CVE-2010-0624 and CVE-2007-4476.
This update also fixes the following bugs:
* bridged network interfaces using the bnx2x, mlx4_en, enic and s2io
drivers had Large Receive Offload (LRO) enabled by default. This caused
significantly degraded network I/O performance. LRO has been disabled for
all network interface drivers which have LRO enabled by default in Red Hat
Enterprise Linux 5. With this change, network I/O performance is
significantly improved. (BZ#576374, BZ#579730)
* RHEV Hypervisor supported IPv6, but as this is not used to communicate
with the RHEV Manager, it is superfluous. Support for IPv6 has now been
disabled in RHEV Hypervisor. (BZ#577300)
* for VLAN interfaces, the hardware (MAC) address of the interface was set
only in the VLAN ifcfg script, not in the physical interface ifcfg script.
This caused network interfaces with VLAN tags to intermittently fail on
boot. The MAC address is now set in the ifcfg script for the underlying
physical interface. Network interfaces with VLAN tags now work consistently
between reboots. (BZ#581876)
* the hypervisor would hang on reboot after repeated upgrade operations,
due to GRUB accessing the /boot file system before it was flushed. The
/boot file system is now remounted before GRUB accesses it. (BZ#591111)
As RHEV Hypervisor is based on KVM, the bug fixes from the KVM update
RHBA-2010:0434 have been included in this update. Also included are the bug
fixes from the RHEV Manager Agent (VDSM) update RHBA-2010:0435.
KVM: https://rhn.redhat.com/errata/RHBA-2010-0434.html
VDSM: https://rhn.redhat.com/errata/RHBA-2010-0435.html
Users of the Red Hat Enterprise Virtualization Hypervisor are advised to
upgrade to this updated package, which corrects these issues.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
OpenSSL before 0.9.8m does not check for a NULL return value from bn_wexpand function calls in (1) crypto/bn/bn_div.c, (2) crypto/bn/bn_gf2m.c, (3) crypto/ec/ec2_smpl.c, and (4) engines/e_ubsec.c, which has unspecified impact and context-dependent attack vectors.
7.6 ()
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Server-RHEV-Hypervisor-2:rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-RHEV-Hypervisor-2:rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-RHEV-Hypervisor-2:rhev-hypervisor-pxe-0:5.4-2.1.12.1.el5_4rhev2_1.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Important
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.
4.3 ()
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Server-RHEV-Hypervisor-2:rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-RHEV-Hypervisor-2:rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-RHEV-Hypervisor-2:rhev-hypervisor-pxe-0:5.4-2.1.12.1.el5_4rhev2_1.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
13 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated rhev-hypervisor package that fixes two security issues and\nseveral bugs is now available.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The rhev-hypervisor package provides a Red Hat Enterprise Virtualization\n(RHEV) Hypervisor ISO disk image. The RHEV Hypervisor is a dedicated\nKernel-based Virtual Machine (KVM) hypervisor. It includes everything\nnecessary to run and manage virtual machines: A subset of the Red Hat\nEnterprise Linux operating environment and the Red Hat Enterprise\nVirtualization Agent.\n\nNote: RHEV Hypervisor is only available for the Intel 64 and AMD64\narchitectures with virtualization extensions.\n\nIt was discovered that OpenSSL did not always check the return value of\nthe bn_wexpand() function. An attacker able to trigger a memory allocation\nfailure in that function could cause an application using the OpenSSL\nlibrary to crash or, possibly, execute arbitrary code. (CVE-2009-3245)\n\nA flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\nSockets Layer) protocols handled session renegotiation. A man-in-the-middle\nattacker could use this flaw to prefix arbitrary plain text to a client\u0027s\nsession (for example, an HTTPS connection to a website). This could force\nthe server to process an attacker\u0027s request as if authenticated using the\nvictim\u0027s credentials. This update addresses this flaw in openssl, nss, and\ngnutls by implementing the TLS Renegotiation Indication Extension, as\ndefined in RFC 5746. (CVE-2009-3555)\n\nThis updated package provides updated components that include fixes for\nsecurity issues; however, these issues have no security impact for RHEV\nHypervisor. These fixes are for kernel issues CVE-2009-4307, CVE-2010-0727,\nCVE-2009-4027, and CVE-2010-1188; cpio issues CVE-2010-0624 and\nCVE-2007-4476; gnutls issue CVE-2009-2409; openssl issue CVE-2010-0433; and\ntar issues CVE-2010-0624 and CVE-2007-4476.\n\nThis update also fixes the following bugs:\n\n* bridged network interfaces using the bnx2x, mlx4_en, enic and s2io\ndrivers had Large Receive Offload (LRO) enabled by default. This caused\nsignificantly degraded network I/O performance. LRO has been disabled for\nall network interface drivers which have LRO enabled by default in Red Hat\nEnterprise Linux 5. With this change, network I/O performance is\nsignificantly improved. (BZ#576374, BZ#579730)\n\n* RHEV Hypervisor supported IPv6, but as this is not used to communicate\nwith the RHEV Manager, it is superfluous. Support for IPv6 has now been\ndisabled in RHEV Hypervisor. (BZ#577300)\n\n* for VLAN interfaces, the hardware (MAC) address of the interface was set\nonly in the VLAN ifcfg script, not in the physical interface ifcfg script.\nThis caused network interfaces with VLAN tags to intermittently fail on\nboot. The MAC address is now set in the ifcfg script for the underlying\nphysical interface. Network interfaces with VLAN tags now work consistently\nbetween reboots. (BZ#581876)\n\n* the hypervisor would hang on reboot after repeated upgrade operations,\ndue to GRUB accessing the /boot file system before it was flushed. The\n/boot file system is now remounted before GRUB accesses it. (BZ#591111)\n\nAs RHEV Hypervisor is based on KVM, the bug fixes from the KVM update\nRHBA-2010:0434 have been included in this update. Also included are the bug\nfixes from the RHEV Manager Agent (VDSM) update RHBA-2010:0435.\n\nKVM: https://rhn.redhat.com/errata/RHBA-2010-0434.html\nVDSM: https://rhn.redhat.com/errata/RHBA-2010-0435.html\n\nUsers of the Red Hat Enterprise Virtualization Hypervisor are advised to\nupgrade to this updated package, which corrects these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2010:0440",
"url": "https://access.redhat.com/errata/RHSA-2010:0440"
},
{
"category": "external",
"summary": "http://www.redhat.com/security/updates/classification/#important",
"url": "http://www.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "533125",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=533125"
},
{
"category": "external",
"summary": "570924",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=570924"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2010/rhsa-2010_0440.json"
}
],
"title": "Red Hat Security Advisory: rhev-hypervisor security and bug fix update",
"tracking": {
"current_release_date": "2026-05-27T17:14:22+00:00",
"generator": {
"date": "2026-05-27T17:14:22+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2010:0440",
"initial_release_date": "2010-05-25T20:41:00+00:00",
"revision_history": [
{
"date": "2010-05-25T20:41:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2010-05-25T16:41:48+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-27T17:14:22+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Virtualization Hypervisor 5",
"product": {
"name": "Red Hat Enterprise Virtualization Hypervisor 5",
"product_id": "5Server-RHEV-Hypervisor-2",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::hypervisor"
}
}
}
],
"category": "product_family",
"name": "Red Hat Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.src",
"product": {
"name": "rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.src",
"product_id": "rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhev-hypervisor@5.4-2.1.12.1.el5_4rhev2_1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.noarch",
"product": {
"name": "rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.noarch",
"product_id": "rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhev-hypervisor@5.4-2.1.12.1.el5_4rhev2_1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rhev-hypervisor-pxe-0:5.4-2.1.12.1.el5_4rhev2_1.noarch",
"product": {
"name": "rhev-hypervisor-pxe-0:5.4-2.1.12.1.el5_4rhev2_1.noarch",
"product_id": "rhev-hypervisor-pxe-0:5.4-2.1.12.1.el5_4rhev2_1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhev-hypervisor-pxe@5.4-2.1.12.1.el5_4rhev2_1?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.noarch as a component of Red Hat Enterprise Virtualization Hypervisor 5",
"product_id": "5Server-RHEV-Hypervisor-2:rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.noarch"
},
"product_reference": "rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.noarch",
"relates_to_product_reference": "5Server-RHEV-Hypervisor-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.src as a component of Red Hat Enterprise Virtualization Hypervisor 5",
"product_id": "5Server-RHEV-Hypervisor-2:rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.src"
},
"product_reference": "rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.src",
"relates_to_product_reference": "5Server-RHEV-Hypervisor-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhev-hypervisor-pxe-0:5.4-2.1.12.1.el5_4rhev2_1.noarch as a component of Red Hat Enterprise Virtualization Hypervisor 5",
"product_id": "5Server-RHEV-Hypervisor-2:rhev-hypervisor-pxe-0:5.4-2.1.12.1.el5_4rhev2_1.noarch"
},
"product_reference": "rhev-hypervisor-pxe-0:5.4-2.1.12.1.el5_4rhev2_1.noarch",
"relates_to_product_reference": "5Server-RHEV-Hypervisor-2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2009-3245",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2010-03-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "570924"
}
],
"notes": [
{
"category": "description",
"text": "OpenSSL before 0.9.8m does not check for a NULL return value from bn_wexpand function calls in (1) crypto/bn/bn_div.c, (2) crypto/bn/bn_gf2m.c, (3) crypto/ec/ec2_smpl.c, and (4) engines/e_ubsec.c, which has unspecified impact and context-dependent attack vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: missing bn_wexpand return value checks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-RHEV-Hypervisor-2:rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.noarch",
"5Server-RHEV-Hypervisor-2:rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.src",
"5Server-RHEV-Hypervisor-2:rhev-hypervisor-pxe-0:5.4-2.1.12.1.el5_4rhev2_1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-3245"
},
{
"category": "external",
"summary": "RHBZ#570924",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=570924"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-3245",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3245"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3245",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3245"
}
],
"release_date": "2010-02-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-05-25T20:41:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Server-RHEV-Hypervisor-2:rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.noarch",
"5Server-RHEV-Hypervisor-2:rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.src",
"5Server-RHEV-Hypervisor-2:rhev-hypervisor-pxe-0:5.4-2.1.12.1.el5_4rhev2_1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0440"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"products": [
"5Server-RHEV-Hypervisor-2:rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.noarch",
"5Server-RHEV-Hypervisor-2:rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.src",
"5Server-RHEV-Hypervisor-2:rhev-hypervisor-pxe-0:5.4-2.1.12.1.el5_4rhev2_1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "openssl: missing bn_wexpand return value checks"
},
{
"cve": "CVE-2009-3555",
"cwe": {
"id": "CWE-300",
"name": "Channel Accessible by Non-Endpoint"
},
"discovery_date": "2009-10-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "533125"
}
],
"notes": [
{
"category": "description",
"text": "The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a \"plaintext injection\" attack, aka the \"Project Mogul\" issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "TLS: MITM attacks via session renegotiation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Additional information can be found in the Red Hat Knowledgebase article:\nhttps://access.redhat.com/articles/20490",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-RHEV-Hypervisor-2:rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.noarch",
"5Server-RHEV-Hypervisor-2:rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.src",
"5Server-RHEV-Hypervisor-2:rhev-hypervisor-pxe-0:5.4-2.1.12.1.el5_4rhev2_1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-3555"
},
{
"category": "external",
"summary": "RHBZ#533125",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=533125"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-3555",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3555"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3555",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3555"
}
],
"release_date": "2009-11-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-05-25T20:41:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Server-RHEV-Hypervisor-2:rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.noarch",
"5Server-RHEV-Hypervisor-2:rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.src",
"5Server-RHEV-Hypervisor-2:rhev-hypervisor-pxe-0:5.4-2.1.12.1.el5_4rhev2_1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0440"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-RHEV-Hypervisor-2:rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.noarch",
"5Server-RHEV-Hypervisor-2:rhev-hypervisor-0:5.4-2.1.12.1.el5_4rhev2_1.src",
"5Server-RHEV-Hypervisor-2:rhev-hypervisor-pxe-0:5.4-2.1.12.1.el5_4rhev2_1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "TLS: MITM attacks via session renegotiation"
}
]
}
RHSA-2010:0768
Vulnerability from csaf_redhat - Published: 2010-10-13 16:22 - Updated: 2026-05-27 17:14Summary
Red Hat Security Advisory: java-1.6.0-openjdk security and bug fix update
Severity
Important
Notes
Topic: Updated java-1.6.0-openjdk packages that fix several security issues and
two bugs are now available for Red Hat Enterprise Linux 5.
The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
Details: These packages provide the OpenJDK 6 Java Runtime Environment and the
OpenJDK 6 Software Development Kit.
defaultReadObject of the Serialization API could be tricked into setting a
volatile field multiple times, which could allow a remote attacker to
execute arbitrary code with the privileges of the user running the applet
or application. (CVE-2010-3569)
Race condition in the way objects were deserialized could allow an
untrusted applet or application to misuse the privileges of the user
running the applet or application. (CVE-2010-3568)
Miscalculation in the OpenType font rendering implementation caused
out-of-bounds memory access, which could allow remote attackers to execute
code with the privileges of the user running the java process.
(CVE-2010-3567)
JPEGImageWriter.writeImage in the imageio API improperly checked certain
image metadata, which could allow a remote attacker to execute arbitrary
code in the context of the user running the applet or application.
(CVE-2010-3565)
Double free in IndexColorModel could cause an untrusted applet or
application to crash or, possibly, execute arbitrary code with the
privileges of the user running the applet or application. (CVE-2010-3562)
The privileged accept method of the ServerSocket class in the Common Object
Request Broker Architecture (CORBA) implementation in OpenJDK allowed it to
receive connections from any host, instead of just the host of the current
connection. An attacker could use this flaw to bypass restrictions defined
by network permissions. (CVE-2010-3561)
Flaws in the Swing library could allow an untrusted application to modify
the behavior and state of certain JDK classes. (CVE-2010-3557)
Flaws in the CORBA implementation could allow an attacker to execute
arbitrary code by misusing permissions granted to certain system objects.
(CVE-2010-3554)
UIDefault.ProxyLazyValue had unsafe reflection usage, allowing untrusted
callers to create objects via ProxyLazyValue values. (CVE-2010-3553)
HttpURLConnection improperly handled the "chunked" transfer encoding
method, which could allow remote attackers to conduct HTTP response
splitting attacks. (CVE-2010-3549)
HttpURLConnection improperly checked whether the calling code was granted
the "allowHttpTrace" permission, allowing untrusted code to create HTTP
TRACE requests. (CVE-2010-3574)
HttpURLConnection did not validate request headers set by applets, which
could allow remote attackers to trigger actions otherwise restricted to
HTTP clients. (CVE-2010-3541, CVE-2010-3573)
The Kerberos implementation improperly checked the sanity of AP-REQ
requests, which could cause a denial of service condition in the receiving
Java Virtual Machine. (CVE-2010-3564)
The RHSA-2010:0339 update mitigated a man-in-the-middle attack in the way
the TLS/SSL (Transport Layer Security/Secure Sockets Layer) protocols
handle session renegotiation by disabling renegotiation. This update
implements the TLS Renegotiation Indication Extension as defined in RFC
5746, allowing secure renegotiation between updated clients and servers.
(CVE-2009-3555)
The NetworkInterface class improperly checked the network "connect"
permissions for local network addresses, which could allow remote attackers
to read local network addresses. (CVE-2010-3551)
Information leak flaw in the Java Naming and Directory Interface (JNDI)
could allow a remote attacker to access information about
otherwise-protected internal network names. (CVE-2010-3548)
Note: Flaws concerning applets in this advisory (CVE-2010-3568,
CVE-2010-3554, CVE-2009-3555, CVE-2010-3562, CVE-2010-3557, CVE-2010-3548,
CVE-2010-3564, CVE-2010-3565, CVE-2010-3569) can only be triggered in
OpenJDK by calling the "appletviewer" application.
Bug fixes:
* This update provides one defense in depth patch. (BZ#639922)
* Problems for certain SSL connections. In a reported case, this prevented
the JBoss JAAS modules from connecting over SSL to Microsoft Active
Directory servers. (BZ#618290)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.
4.3 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to missing validation of request headers in the HttpURLConnection class when they are set by applets, which allows remote attackers to bypass the intended security policy.
5.1 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in the Java Naming and Directory Interface (JNDI) component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this allows remote attackers to determine internal IP addresses or "otherwise-protected internal network names."
5.0 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is an HTTP request splitting vulnerability involving the handling of the chunked transfer encoding method by the HttpURLConnection class.
6.8 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality via unknown vectors.
5.0 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to unsafe reflection involving the UIDefault.ProxyLazyValue class.
7.5 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Unspecified vulnerability in the CORBA component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to "permissions granted to certain system objects."
7.5 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to the modification of "behavior and state of certain JDK classes" and "mutable static."
6.8 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Unspecified vulnerability in the CORBA component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this involves the use of the privileged accept method in the ServerSocket class, which does not limit which hosts can connect and allows remote attackers to bypass intended network access restrictions.
7.5 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is a double free vulnerability in IndexColorModel that allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code.
7.5 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Unspecified vulnerability in the Oracle Communications Messaging Server (Sun Java System Messaging Server) component in Oracle Sun Products Suite 7.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Webmail. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that the Kerberos implementation does not properly check AP-REQ requests, which allows attackers to cause a denial of service in the JVM. NOTE: CVE has not investigated the apparent discrepancy between the two vendors regarding the consequences of this issue.
4.0 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow that triggers memory corruption via large values in a subsample of a JPEG image, related to JPEGImageWriter.writeImage in the imageio API.
7.5 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to a calculation error in right-to-left text character counts for the ICU OpenType font rendering implementation, which triggers an out-of-bounds memory access.
7.5 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is a race condition related to deserialization.
7.5 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this allows remote attackers to execute arbitrary code by causing the defaultReadObject method in the Serialization API to set a volatile field multiple times.
7.5 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to missing validation of request headers in the HttpURLConnection class when they are set by applets, which allows remote attackers to bypass the intended security policy.
5.1 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that HttpURLConnection does not properly check for the allowHttpTrace permission, which allows untrusted code to perform HTTP TRACE requests.
5.1 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
87 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated java-1.6.0-openjdk packages that fix several security issues and\ntwo bugs are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "These packages provide the OpenJDK 6 Java Runtime Environment and the\nOpenJDK 6 Software Development Kit.\n\ndefaultReadObject of the Serialization API could be tricked into setting a\nvolatile field multiple times, which could allow a remote attacker to\nexecute arbitrary code with the privileges of the user running the applet\nor application. (CVE-2010-3569)\n\nRace condition in the way objects were deserialized could allow an\nuntrusted applet or application to misuse the privileges of the user\nrunning the applet or application. (CVE-2010-3568)\n\nMiscalculation in the OpenType font rendering implementation caused\nout-of-bounds memory access, which could allow remote attackers to execute\ncode with the privileges of the user running the java process.\n(CVE-2010-3567)\n\nJPEGImageWriter.writeImage in the imageio API improperly checked certain\nimage metadata, which could allow a remote attacker to execute arbitrary\ncode in the context of the user running the applet or application.\n(CVE-2010-3565)\n\nDouble free in IndexColorModel could cause an untrusted applet or\napplication to crash or, possibly, execute arbitrary code with the\nprivileges of the user running the applet or application. (CVE-2010-3562)\n\nThe privileged accept method of the ServerSocket class in the Common Object\nRequest Broker Architecture (CORBA) implementation in OpenJDK allowed it to\nreceive connections from any host, instead of just the host of the current\nconnection. An attacker could use this flaw to bypass restrictions defined\nby network permissions. (CVE-2010-3561)\n\nFlaws in the Swing library could allow an untrusted application to modify\nthe behavior and state of certain JDK classes. (CVE-2010-3557)\n\nFlaws in the CORBA implementation could allow an attacker to execute\narbitrary code by misusing permissions granted to certain system objects.\n(CVE-2010-3554)\n\nUIDefault.ProxyLazyValue had unsafe reflection usage, allowing untrusted\ncallers to create objects via ProxyLazyValue values. (CVE-2010-3553)\n\nHttpURLConnection improperly handled the \"chunked\" transfer encoding\nmethod, which could allow remote attackers to conduct HTTP response\nsplitting attacks. (CVE-2010-3549)\n\nHttpURLConnection improperly checked whether the calling code was granted\nthe \"allowHttpTrace\" permission, allowing untrusted code to create HTTP\nTRACE requests. (CVE-2010-3574)\n\nHttpURLConnection did not validate request headers set by applets, which\ncould allow remote attackers to trigger actions otherwise restricted to\nHTTP clients. (CVE-2010-3541, CVE-2010-3573)\n\nThe Kerberos implementation improperly checked the sanity of AP-REQ\nrequests, which could cause a denial of service condition in the receiving\nJava Virtual Machine. (CVE-2010-3564)\n\nThe RHSA-2010:0339 update mitigated a man-in-the-middle attack in the way\nthe TLS/SSL (Transport Layer Security/Secure Sockets Layer) protocols\nhandle session renegotiation by disabling renegotiation. This update\nimplements the TLS Renegotiation Indication Extension as defined in RFC\n5746, allowing secure renegotiation between updated clients and servers.\n(CVE-2009-3555)\n\nThe NetworkInterface class improperly checked the network \"connect\"\npermissions for local network addresses, which could allow remote attackers\nto read local network addresses. (CVE-2010-3551)\n\nInformation leak flaw in the Java Naming and Directory Interface (JNDI)\ncould allow a remote attacker to access information about\notherwise-protected internal network names. (CVE-2010-3548)\n\nNote: Flaws concerning applets in this advisory (CVE-2010-3568,\nCVE-2010-3554, CVE-2009-3555, CVE-2010-3562, CVE-2010-3557, CVE-2010-3548,\nCVE-2010-3564, CVE-2010-3565, CVE-2010-3569) can only be triggered in\nOpenJDK by calling the \"appletviewer\" application.\n\nBug fixes:\n\n* This update provides one defense in depth patch. (BZ#639922)\n\n* Problems for certain SSL connections. In a reported case, this prevented\nthe JBoss JAAS modules from connecting over SSL to Microsoft Active\nDirectory servers. (BZ#618290)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2010:0768",
"url": "https://access.redhat.com/errata/RHSA-2010:0768"
},
{
"category": "external",
"summary": "http://www.redhat.com/security/updates/classification/#important",
"url": "http://www.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/kb/docs/DOC-20491",
"url": "https://access.redhat.com/kb/docs/DOC-20491"
},
{
"category": "external",
"summary": "533125",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=533125"
},
{
"category": "external",
"summary": "618290",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=618290"
},
{
"category": "external",
"summary": "639876",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=639876"
},
{
"category": "external",
"summary": "639880",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=639880"
},
{
"category": "external",
"summary": "639897",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=639897"
},
{
"category": "external",
"summary": "639904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=639904"
},
{
"category": "external",
"summary": "639909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=639909"
},
{
"category": "external",
"summary": "639914",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=639914"
},
{
"category": "external",
"summary": "639920",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=639920"
},
{
"category": "external",
"summary": "639922",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=639922"
},
{
"category": "external",
"summary": "639925",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=639925"
},
{
"category": "external",
"summary": "642167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=642167"
},
{
"category": "external",
"summary": "642180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=642180"
},
{
"category": "external",
"summary": "642187",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=642187"
},
{
"category": "external",
"summary": "642197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=642197"
},
{
"category": "external",
"summary": "642202",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=642202"
},
{
"category": "external",
"summary": "642215",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=642215"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2010/rhsa-2010_0768.json"
}
],
"title": "Red Hat Security Advisory: java-1.6.0-openjdk security and bug fix update",
"tracking": {
"current_release_date": "2026-05-27T17:14:25+00:00",
"generator": {
"date": "2026-05-27T17:14:25+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2010:0768",
"initial_release_date": "2010-10-13T16:22:00+00:00",
"revision_history": [
{
"date": "2010-10-13T16:22:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2010-10-13T12:23:43+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-27T17:14:25+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product": {
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"product": {
"name": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"product_id": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-openjdk-devel@1.6.0.0-1.16.b17.el5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"product": {
"name": "java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"product_id": "java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-openjdk-src@1.6.0.0-1.16.b17.el5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"product": {
"name": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"product_id": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-openjdk-debuginfo@1.6.0.0-1.16.b17.el5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"product": {
"name": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"product_id": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-openjdk-demo@1.6.0.0-1.16.b17.el5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"product": {
"name": "java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"product_id": "java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-openjdk@1.6.0.0-1.16.b17.el5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"product": {
"name": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"product_id": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-openjdk-javadoc@1.6.0.0-1.16.b17.el5?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"product": {
"name": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"product_id": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-openjdk-devel@1.6.0.0-1.16.b17.el5?arch=i386\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"product": {
"name": "java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"product_id": "java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-openjdk-src@1.6.0.0-1.16.b17.el5?arch=i386\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"product": {
"name": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"product_id": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-openjdk-debuginfo@1.6.0.0-1.16.b17.el5?arch=i386\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"product": {
"name": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"product_id": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-openjdk-demo@1.6.0.0-1.16.b17.el5?arch=i386\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"product": {
"name": "java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"product_id": "java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-openjdk@1.6.0.0-1.16.b17.el5?arch=i386\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"product": {
"name": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"product_id": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-openjdk-javadoc@1.6.0.0-1.16.b17.el5?arch=i386\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"product": {
"name": "java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"product_id": "java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-openjdk@1.6.0.0-1.16.b17.el5?arch=src\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386"
},
"product_reference": "java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src"
},
"product_reference": "java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64"
},
"product_reference": "java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386"
},
"product_reference": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64"
},
"product_reference": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386"
},
"product_reference": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64"
},
"product_reference": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386"
},
"product_reference": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64"
},
"product_reference": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386"
},
"product_reference": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64"
},
"product_reference": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386"
},
"product_reference": "java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
},
"product_reference": "java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386"
},
"product_reference": "java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src"
},
"product_reference": "java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64"
},
"product_reference": "java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386"
},
"product_reference": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64"
},
"product_reference": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386"
},
"product_reference": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64"
},
"product_reference": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386"
},
"product_reference": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64"
},
"product_reference": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386"
},
"product_reference": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64"
},
"product_reference": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386"
},
"product_reference": "java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
},
"product_reference": "java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"relates_to_product_reference": "5Server"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2009-3555",
"cwe": {
"id": "CWE-300",
"name": "Channel Accessible by Non-Endpoint"
},
"discovery_date": "2009-10-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "533125"
}
],
"notes": [
{
"category": "description",
"text": "The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a \"plaintext injection\" attack, aka the \"Project Mogul\" issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "TLS: MITM attacks via session renegotiation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Additional information can be found in the Red Hat Knowledgebase article:\nhttps://access.redhat.com/articles/20490",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-3555"
},
{
"category": "external",
"summary": "RHBZ#533125",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=533125"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-3555",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3555"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3555",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3555"
}
],
"release_date": "2009-11-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-10-13T16:22:00+00:00",
"details": "All java-1.6.0-openjdk users are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK\nJava must be restarted for the update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0768"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "TLS: MITM attacks via session renegotiation"
},
{
"cve": "CVE-2010-3541",
"discovery_date": "2010-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "642202"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to missing validation of request headers in the HttpURLConnection class when they are set by applets, which allows remote attackers to bypass the intended security policy.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK HttpURLConnection allows arbitrary request headers (6961084,6980004)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3541"
},
{
"category": "external",
"summary": "RHBZ#642202",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=642202"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3541",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3541"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3541",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3541"
}
],
"release_date": "2010-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-10-13T16:22:00+00:00",
"details": "All java-1.6.0-openjdk users are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK\nJava must be restarted for the update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0768"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK HttpURLConnection allows arbitrary request headers (6961084,6980004)"
},
{
"cve": "CVE-2010-3548",
"discovery_date": "2010-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "639909"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Naming and Directory Interface (JNDI) component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this allows remote attackers to determine internal IP addresses or \"otherwise-protected internal network names.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK DNS server IP address information leak (6957564)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3548"
},
{
"category": "external",
"summary": "RHBZ#639909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=639909"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3548",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3548"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3548",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3548"
}
],
"release_date": "2010-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-10-13T16:22:00+00:00",
"details": "All java-1.6.0-openjdk users are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK\nJava must be restarted for the update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0768"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK DNS server IP address information leak (6957564)"
},
{
"cve": "CVE-2010-3549",
"discovery_date": "2010-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "642180"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is an HTTP request splitting vulnerability involving the handling of the chunked transfer encoding method by the HttpURLConnection class.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK HttpURLConnection request splitting (6952017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3549"
},
{
"category": "external",
"summary": "RHBZ#642180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=642180"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3549",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3549"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3549",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3549"
}
],
"release_date": "2010-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-10-13T16:22:00+00:00",
"details": "All java-1.6.0-openjdk users are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK\nJava must be restarted for the update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0768"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK HttpURLConnection request splitting (6952017)"
},
{
"cve": "CVE-2010-3551",
"discovery_date": "2010-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "642187"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality via unknown vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK local network address disclosure (6952603)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3551"
},
{
"category": "external",
"summary": "RHBZ#642187",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=642187"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3551",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3551"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3551",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3551"
}
],
"release_date": "2010-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-10-13T16:22:00+00:00",
"details": "All java-1.6.0-openjdk users are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK\nJava must be restarted for the update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0768"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK local network address disclosure (6952603)"
},
{
"cve": "CVE-2010-3553",
"discovery_date": "2010-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "642167"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to unsafe reflection involving the UIDefault.ProxyLazyValue class.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK Swing unsafe reflection usage (6622002)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3553"
},
{
"category": "external",
"summary": "RHBZ#642167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=642167"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3553",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3553"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3553",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3553"
}
],
"release_date": "2010-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-10-13T16:22:00+00:00",
"details": "All java-1.6.0-openjdk users are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK\nJava must be restarted for the update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0768"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK Swing unsafe reflection usage (6622002)"
},
{
"cve": "CVE-2010-3554",
"discovery_date": "2010-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "639880"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the CORBA component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to \"permissions granted to certain system objects.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK corba reflection vulnerabilities (6891766,6925672)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3554"
},
{
"category": "external",
"summary": "RHBZ#639880",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=639880"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3554",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3554"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3554",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3554"
}
],
"release_date": "2010-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-10-13T16:22:00+00:00",
"details": "All java-1.6.0-openjdk users are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK\nJava must be restarted for the update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0768"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK corba reflection vulnerabilities (6891766,6925672)"
},
{
"cve": "CVE-2010-3557",
"discovery_date": "2010-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "639904"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to the modification of \"behavior and state of certain JDK classes\" and \"mutable static.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK Swing mutable static (6938813)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3557"
},
{
"category": "external",
"summary": "RHBZ#639904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=639904"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3557",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3557"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3557",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3557"
}
],
"release_date": "2010-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-10-13T16:22:00+00:00",
"details": "All java-1.6.0-openjdk users are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK\nJava must be restarted for the update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0768"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK Swing mutable static (6938813)"
},
{
"cve": "CVE-2010-3561",
"discovery_date": "2010-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "639880"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the CORBA component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this involves the use of the privileged accept method in the ServerSocket class, which does not limit which hosts can connect and allows remote attackers to bypass intended network access restrictions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK corba reflection vulnerabilities (6891766,6925672)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3561"
},
{
"category": "external",
"summary": "RHBZ#639880",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=639880"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3561",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3561"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3561",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3561"
}
],
"release_date": "2010-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-10-13T16:22:00+00:00",
"details": "All java-1.6.0-openjdk users are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK\nJava must be restarted for the update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0768"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK corba reflection vulnerabilities (6891766,6925672)"
},
{
"cve": "CVE-2010-3562",
"discovery_date": "2010-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "639897"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is a double free vulnerability in IndexColorModel that allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK IndexColorModel double-free (6925710)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3562"
},
{
"category": "external",
"summary": "RHBZ#639897",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=639897"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3562",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3562"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3562",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3562"
}
],
"release_date": "2010-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-10-13T16:22:00+00:00",
"details": "All java-1.6.0-openjdk users are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK\nJava must be restarted for the update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0768"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK IndexColorModel double-free (6925710)"
},
{
"cve": "CVE-2010-3564",
"discovery_date": "2010-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "639914"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Oracle Communications Messaging Server (Sun Java System Messaging Server) component in Oracle Sun Products Suite 7.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Webmail. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that the Kerberos implementation does not properly check AP-REQ requests, which allows attackers to cause a denial of service in the JVM. NOTE: CVE has not investigated the apparent discrepancy between the two vendors regarding the consequences of this issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK kerberos vulnerability (6958060)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3564"
},
{
"category": "external",
"summary": "RHBZ#639914",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=639914"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3564",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3564"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3564",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3564"
}
],
"release_date": "2010-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-10-13T16:22:00+00:00",
"details": "All java-1.6.0-openjdk users are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK\nJava must be restarted for the update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0768"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK kerberos vulnerability (6958060)"
},
{
"cve": "CVE-2010-3565",
"discovery_date": "2010-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "639920"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow that triggers memory corruption via large values in a subsample of a JPEG image, related to JPEGImageWriter.writeImage in the imageio API.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK JPEG writeImage remote code execution (6963023)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3565"
},
{
"category": "external",
"summary": "RHBZ#639920",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=639920"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3565",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3565"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3565",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3565"
}
],
"release_date": "2010-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-10-13T16:22:00+00:00",
"details": "All java-1.6.0-openjdk users are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK\nJava must be restarted for the update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0768"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK JPEG writeImage remote code execution (6963023)"
},
{
"cve": "CVE-2010-3567",
"discovery_date": "2010-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "642197"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to a calculation error in right-to-left text character counts for the ICU OpenType font rendering implementation, which triggers an out-of-bounds memory access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK ICU Opentype layout engine crash (6963285)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3567"
},
{
"category": "external",
"summary": "RHBZ#642197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=642197"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3567",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3567"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3567",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3567"
}
],
"release_date": "2010-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-10-13T16:22:00+00:00",
"details": "All java-1.6.0-openjdk users are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK\nJava must be restarted for the update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0768"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK ICU Opentype layout engine crash (6963285)"
},
{
"cve": "CVE-2010-3568",
"discovery_date": "2010-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "639876"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is a race condition related to deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK Deserialization Race condition (6559775)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3568"
},
{
"category": "external",
"summary": "RHBZ#639876",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=639876"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3568",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3568"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3568",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3568"
}
],
"release_date": "2010-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-10-13T16:22:00+00:00",
"details": "All java-1.6.0-openjdk users are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK\nJava must be restarted for the update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0768"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK Deserialization Race condition (6559775)"
},
{
"cve": "CVE-2010-3569",
"discovery_date": "2010-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "639925"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this allows remote attackers to execute arbitrary code by causing the defaultReadObject method in the Serialization API to set a volatile field multiple times.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK Serialization inconsistencies (6966692)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3569"
},
{
"category": "external",
"summary": "RHBZ#639925",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=639925"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3569",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3569"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3569",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3569"
}
],
"release_date": "2010-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-10-13T16:22:00+00:00",
"details": "All java-1.6.0-openjdk users are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK\nJava must be restarted for the update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0768"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK Serialization inconsistencies (6966692)"
},
{
"cve": "CVE-2010-3573",
"discovery_date": "2010-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "642202"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to missing validation of request headers in the HttpURLConnection class when they are set by applets, which allows remote attackers to bypass the intended security policy.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK HttpURLConnection allows arbitrary request headers (6961084,6980004)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3573"
},
{
"category": "external",
"summary": "RHBZ#642202",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=642202"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3573",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3573"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3573",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3573"
}
],
"release_date": "2010-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-10-13T16:22:00+00:00",
"details": "All java-1.6.0-openjdk users are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK\nJava must be restarted for the update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0768"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK HttpURLConnection allows arbitrary request headers (6961084,6980004)"
},
{
"cve": "CVE-2010-3574",
"discovery_date": "2010-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "642215"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that HttpURLConnection does not properly check for the allowHttpTrace permission, which allows untrusted code to perform HTTP TRACE requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK HttpURLConnection incomplete TRACE permission check (6981426)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3574"
},
{
"category": "external",
"summary": "RHBZ#642215",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=642215"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3574",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3574"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3574",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3574"
}
],
"release_date": "2010-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-10-13T16:22:00+00:00",
"details": "All java-1.6.0-openjdk users are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK\nJava must be restarted for the update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0768"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK HttpURLConnection incomplete TRACE permission check (6981426)"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…