Vulnerability & Exploit Database

Back to search

RHSA-2010:0807: java-1.5.0-ibm security update

Severity CVSS Published Added Modified
10 (AV:N/AC:L/Au:N/C:C/I:C/A:C) October 19, 2010 November 11, 2010 July 04, 2017

Description

The IBM 1.5.0 Java release includes the IBM Java 2 Runtime Environment andthe IBM Java 2 Software Development Kit.This update fixes several vulnerabilities in the IBM Java 2 RuntimeEnvironment and the IBM Java 2 Software Development Kit. Detailedvulnerability descriptions are linked from the IBM "Security alerts" page,listed in the References section. (CVE-2010-1321, CVE-2010-3541,CVE-2010-3548, CVE-2010-3549, CVE-2010-3550, CVE-2010-3551, CVE-2010-3556,CVE-2010-3559, CVE-2010-3562, CVE-2010-3565, CVE-2010-3566, CVE-2010-3568,CVE-2010-3569, CVE-2010-3572, CVE-2010-3573, CVE-2010-3574)The RHSA-2010:0130 update mitigated a man-in-the-middle attack in the waythe TLS/SSL (Transport Layer Security/Secure Sockets Layer) protocolshandle session renegotiation by disabling renegotiation. This updateimplements the TLS Renegotiation Indication Extension as defined in RFC5746, allowing secure renegotiation between updated clients and servers.(CVE-2009-3555)All users of java-1.5.0-ibm are advised to upgrade to these updatedpackages, containing the IBM 1.5.0 SR12-FP2 Java release. All runninginstances of IBM Java must be restarted for this update to take effect.

Scan For This Vulnerability

Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities

 Free InsightVM Trial

References

Solution Reference

Java Security Update

Solution

redhat-upgrade-java-1-5-0-ibm

Related Vulnerabilities