RedHat Update For Java-1.6.0-openjdk RHSA-2011:0214-01 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. A denial of service flaw was found in the way certain strings were converted to Double objects. A remote attacker could use this flaw to cause Java-based applications to hang, for instance if they parse Double values in a specially-crafted HTTP request. (CVE-2010-4476) All users of java-1.6.0-openjdk are advised to upgrade to these updated packages, which resolve this issue. All running instances of OpenJDK Java must be restarted for the update to take effect.

Affected

java-1.6.0-openjdk on Red Hat Enterprise Linux (v. 5 server)

References

https://www.redhat.com/archives/rhsa-announce/2011-February/msg00011.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-4476

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

RedHat Security Advisory RHSA-2009:1036
RedHat Security Advisory RHSA-2009:0267
RedHat Security Advisory RHSA-2009:1541
RedHat Update for 389-ds-base RHSA-2013:1119-01
RedHat Security Advisory RHSA-2009:1082

RedHat Update for java-1.6.0-openjdk RHSA-2011:0214-01

Take action and discover your vulnerabilities