Test ID:	1.3.6.1.4.1.25623.1.0.69047
Category:	Red Hat Local Security Checks
Title:	RedHat Security Advisory RHSA-2011:0290
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates announced in advisory RHSA-2011:0290. The IBM 1.6.0 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. A denial of service flaw was found in the way certain strings were converted to Double objects. A remote attacker could use this flaw to cause Java based applications to hang, for example, if they parsed Double values in a specially-crafted HTTP request. (CVE-2010-4476) All users of java-1.6.0-ibm are advised to upgrade to these updated packages, containing the IBM 1.6.0 SR9 Java release. All running instances of IBM Java must be restarted for the update to take effect. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2011-0290.html http://www.ibm.com/developerworks/java/jdk/alerts/ Risk factor : Medium CVSS Score: 5.0
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-4476 AIX APAR: IZ94423 http://www-01.ibm.com/support/docview.wss?uid=swg1IZ94423 AIX APAR: PM31983 http://www-01.ibm.com/support/docview.wss?uid=swg1PM31983 Debian Security Information: DSA-2161 (Google Search) http://www.debian.org/security/2011/dsa-2161 http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053926.html http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053934.html http://security.gentoo.org/glsa/glsa-201406-32.xml HPdes Security Advisory: HPSBMA02642 http://marc.info/?l=bugtraq&m=130514352726432&w=2 HPdes Security Advisory: HPSBMU02690 http://marc.info/?l=bugtraq&m=131041767210772&w=2 HPdes Security Advisory: HPSBMU02797 http://marc.info/?l=bugtraq&m=134254957702612&w=2 HPdes Security Advisory: HPSBMU02799 http://marc.info/?l=bugtraq&m=134254866602253&w=2 HPdes Security Advisory: HPSBNS02633 http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02720715&admit=109447627+1298159618320+28353475 HPdes Security Advisory: HPSBOV02634 http://marc.info/?l=bugtraq&m=130497132406206&w=2 HPdes Security Advisory: HPSBOV02762 http://marc.info/?l=bugtraq&m=133469267822771&w=2 HPdes Security Advisory: HPSBTU02684 http://marc.info/?l=bugtraq&m=130497185606818&w=2 HPdes Security Advisory: HPSBUX02633 http://marc.info/?l=bugtraq&m=129899347607632&w=2 HPdes Security Advisory: HPSBUX02641 http://marc.info/?l=bugtraq&m=129960314701922&w=2 HPdes Security Advisory: HPSBUX02642 http://marc.info/?l=bugtraq&m=130270785502599&w=2 HPdes Security Advisory: HPSBUX02645 http://marc.info/?l=bugtraq&m=130168502603566&w=2 HPdes Security Advisory: HPSBUX02725 http://marc.info/?l=bugtraq&m=132215163318824&w=2 HPdes Security Advisory: HPSBUX02777 http://marc.info/?l=bugtraq&m=133728004526190&w=2 HPdes Security Advisory: HPSBUX02860 http://marc.info/?l=bugtraq&m=136485229118404&w=2 HPdes Security Advisory: SSRT100387 HPdes Security Advisory: SSRT100390 HPdes Security Advisory: SSRT100412 HPdes Security Advisory: SSRT100415 HPdes Security Advisory: SSRT100569 HPdes Security Advisory: SSRT100627 HPdes Security Advisory: SSRT100825 HPdes Security Advisory: SSRT100854 HPdes Security Advisory: SSRT100867 HPdes Security Advisory: SSRT101146 http://www.mandriva.com/security/advisories?name=MDVSA-2011:054 http://blog.fortify.com/blog/2011/02/08/Double-Trouble http://www.exploringbinary.com/java-hangs-when-converting-2-2250738585072012e-308/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12662 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12745 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14328 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14589 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19493 http://www.redhat.com/support/errata/RHSA-2011-0210.html http://www.redhat.com/support/errata/RHSA-2011-0211.html http://www.redhat.com/support/errata/RHSA-2011-0212.html http://www.redhat.com/support/errata/RHSA-2011-0213.html http://www.redhat.com/support/errata/RHSA-2011-0214.html http://www.redhat.com/support/errata/RHSA-2011-0282.html http://www.redhat.com/support/errata/RHSA-2011-0333.html http://www.redhat.com/support/errata/RHSA-2011-0334.html http://www.redhat.com/support/errata/RHSA-2011-0880.html http://www.securitytracker.com/id?1025062 http://secunia.com/advisories/43048 http://secunia.com/advisories/43280 http://secunia.com/advisories/43295 http://secunia.com/advisories/43304 http://secunia.com/advisories/43333 http://secunia.com/advisories/43378 http://secunia.com/advisories/43400 http://secunia.com/advisories/43659 http://secunia.com/advisories/44954 http://secunia.com/advisories/45022 http://secunia.com/advisories/45555 http://secunia.com/advisories/49198 SuSE Security Announcement: SUSE-SA:2011:024 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00004.html SuSE Security Announcement: SUSE-SU-2011:0823 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00010.html http://www.vupen.com/english/advisories/2011/0365 http://www.vupen.com/english/advisories/2011/0377 http://www.vupen.com/english/advisories/2011/0379 http://www.vupen.com/english/advisories/2011/0422 http://www.vupen.com/english/advisories/2011/0434 http://www.vupen.com/english/advisories/2011/0605
Copyright	Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.