logo
DATABASE RESOURCES PRICING ABOUT US

(RHSA-2008:0244) Moderate: java-1.5.0-bea security update

Description

The BEA WebLogic JRockit 1.5.0_14 JRE and SDK contain BEA WebLogic JRockit Virtual Machine 1.5.0_14, and are certified for the Java 5 Platform, Standard Edition, v1.5.0. A flaw was found in the Java XSLT processing classes. An untrusted application or applet could cause a denial of service, or execute arbitrary code with the permissions of the user running the JRE. (CVE-2008-1187) A flaw was found in the JRE image parsing libraries. An untrusted application or applet could cause a denial of service, or possibly execute arbitrary code with the permissions of the user running the JRE. (CVE-2008-1193) A flaw was found in the JRE color management library. An untrusted application or applet could trigger a denial of service (JVM crash). (CVE-2008-1194) The vulnerabilities concerning applets listed above can only be triggered in java-1.5.0-bea, by calling the "appletviewer" application. Users of java-1.5.0-bea are advised to upgrade to these updated packages, which resolve these issues.


Affected Package


OS OS Version Package Name Package Version
RedHat 5 java-1.5.0-bea-devel 1.5.0.14-1jpp.2.el5
RedHat 5 java-1.5.0-bea-demo 1.5.0.14-1jpp.2.el5
RedHat 5 java-1.5.0-bea-src 1.5.0.14-1jpp.2.el5
RedHat 5 java-1.5.0-bea-src 1.5.0.14-1jpp.2.el5
RedHat 5 java-1.5.0-bea-demo 1.5.0.14-1jpp.2.el5
RedHat 5 java-1.5.0-bea 1.5.0.14-1jpp.2.el5
RedHat 5 java-1.5.0-bea-missioncontrol 1.5.0.14-1jpp.2.el5
RedHat 5 java-1.5.0-bea-demo 1.5.0.14-1jpp.2.el5
RedHat 5 java-1.5.0-bea-devel 1.5.0.14-1jpp.2.el5
RedHat 5 java-1.5.0-bea-jdbc 1.5.0.14-1jpp.2.el5
RedHat 5 java-1.5.0-bea-jdbc 1.5.0.14-1jpp.2.el5
RedHat 5 java-1.5.0-bea-missioncontrol 1.5.0.14-1jpp.2.el5
RedHat 5 java-1.5.0-bea-src 1.5.0.14-1jpp.2.el5
RedHat 5 java-1.5.0-bea-jdbc 1.5.0.14-1jpp.2.el5
RedHat 5 java-1.5.0-bea 1.5.0.14-1jpp.2.el5
RedHat 5 java-1.5.0-bea 1.5.0.14-1jpp.2.el5
RedHat 5 java-1.5.0-bea-devel 1.5.0.14-1jpp.2.el5

Related