Rapid7 Vulnerability & Exploit Database

RHSA-2009:1236: java-1.5.0-ibm security update

Free InsightVM Trial No credit card necessary
Watch Demo See how it all works
Back to Search

RHSA-2009:1236: java-1.5.0-ibm security update



The IBM 1.5.0 Java release includes the IBM Java 2 Runtime Environment andthe IBM Java 2 Software Development Kit.This update fixes several vulnerabilities in the IBM Java 2 RuntimeEnvironment and the IBM Java 2 Software Development Kit. Thesevulnerabilities are summarized on the IBM "Security alerts" page listed inthe References section. (CVE-2009-2625, CVE-2009-2670, CVE-2009-2671,CVE-2009-2672, CVE-2009-2673, CVE-2009-2675)All users of java-1.5.0-ibm are advised to upgrade to these updatedpackages, containing the IBM 1.5.0 SR10 Java release. All running instancesof IBM Java must be restarted for this update to take effect.Note: The packages included in this update are identical to the packagesmade available by RHEA-2009:1208 and RHEA-2009:1210 on the 13th ofAugust 2009. These packages are being reissued as a Red Hat SecurityAdvisory as they fixed a number of security issues that were not madepublic until after those errata were released. Since the packages areidentical, there is no need to install this update if RHEA-2009:1208 orRHEA-2009:1210 has already been installed.


  • redhat-upgrade-java-1-5-0-ibm
  • redhat-upgrade-java-1-5-0-ibm-accessibility
  • redhat-upgrade-java-1-5-0-ibm-demo
  • redhat-upgrade-java-1-5-0-ibm-devel
  • redhat-upgrade-java-1-5-0-ibm-javacomm
  • redhat-upgrade-java-1-5-0-ibm-jdbc
  • redhat-upgrade-java-1-5-0-ibm-plugin
  • redhat-upgrade-java-1-5-0-ibm-src

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center