The IBM 1.6.0 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit.

A denial of service flaw was found in the way certain strings were converted to Double objects. A remote attacker could use this flaw to cause Java based applications to hang, for example, if they parsed Double values in a specially-crafted HTTP request. (CVE-2010-4476)

All users of java-1.6.0-ibm are advised to upgrade to these updated packages, containing the IBM 1.6.0 SR9 Java release. All running instances of IBM Java must be restarted for the update to take effect.