Rapid7 Vulnerability & Exploit Database

RHSA-2011:0568: eclipse security, bug fix, and enhancement update

Free InsightVM Trial No credit card necessary
Watch Demo See how it all works
Back to Search

RHSA-2011:0568: eclipse security, bug fix, and enhancement update



The Eclipse software development environment provides a set of tools forC/C++ and Java development.A cross-site scripting (XSS) flaw was found in the Eclipse Help Contentsweb application. An attacker could use this flaw to perform a cross-sitescripting attack against victims by tricking them into visiting aspecially-crafted Eclipse Help URL. (CVE-2010-4647)The following Eclipse packages have been upgraded to the versions found inthe official upstream Eclipse Helios SR1 release, providing a number ofbug fixes and enhancements over the previous versions:In addition, the following updates were made to the dependencies of theEclipse packages above:This update includes numerous upstream bug fixes and enhancements, such as:This update also fixes the following bugs:Users of eclipse should upgrade to these updated packages, which correctthese issues and add these enhancements.


  • redhat-upgrade-eclipse-birt
  • redhat-upgrade-eclipse-callgraph
  • redhat-upgrade-eclipse-cdt
  • redhat-upgrade-eclipse-cdt-parsers
  • redhat-upgrade-eclipse-cdt-sdk
  • redhat-upgrade-eclipse-changelog
  • redhat-upgrade-eclipse-debuginfo
  • redhat-upgrade-eclipse-dtp
  • redhat-upgrade-eclipse-emf
  • redhat-upgrade-eclipse-emf-examples
  • redhat-upgrade-eclipse-emf-sdk
  • redhat-upgrade-eclipse-emf-xsd
  • redhat-upgrade-eclipse-emf-xsd-sdk
  • redhat-upgrade-eclipse-gef
  • redhat-upgrade-eclipse-gef-examples
  • redhat-upgrade-eclipse-gef-sdk
  • redhat-upgrade-eclipse-jdt
  • redhat-upgrade-eclipse-linuxprofilingframework
  • redhat-upgrade-eclipse-mylyn
  • redhat-upgrade-eclipse-mylyn-cdt
  • redhat-upgrade-eclipse-mylyn-java
  • redhat-upgrade-eclipse-mylyn-pde
  • redhat-upgrade-eclipse-mylyn-trac
  • redhat-upgrade-eclipse-mylyn-webtasks
  • redhat-upgrade-eclipse-mylyn-wikitext
  • redhat-upgrade-eclipse-oprofile
  • redhat-upgrade-eclipse-oprofile-debuginfo
  • redhat-upgrade-eclipse-pde
  • redhat-upgrade-eclipse-platform
  • redhat-upgrade-eclipse-rcp
  • redhat-upgrade-eclipse-rse
  • redhat-upgrade-eclipse-swt
  • redhat-upgrade-eclipse-valgrind
  • redhat-upgrade-icu4j
  • redhat-upgrade-icu4j-eclipse
  • redhat-upgrade-icu4j-javadoc
  • redhat-upgrade-jetty-eclipse
  • redhat-upgrade-objectweb-asm
  • redhat-upgrade-objectweb-asm-javadoc
  • redhat-upgrade-sat4j

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center