10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.027 Low
EPSS
Percentile
89.4%
The IBM 1.4.2 SR13-FP8 Java release includes the IBM Java 2 Runtime
Environment and the IBM Java 2 Software Development Kit.
This update fixes two vulnerabilities in the IBM Java 2 Runtime Environment
and the IBM Java 2 Software Development Kit. Detailed vulnerability
descriptions are linked from the IBM “Security alerts” page, listed in the
References section. (CVE-2010-1321, CVE-2010-3574)
Note: The RHSA-2010:0935 java-1.4.2-ibm update did not, unlike the erratum
text stated, provide fixes for the above issues.
All users of java-1.4.2-ibm are advised to upgrade to these updated
packages, which contain the IBM 1.4.2 SR13-FP8 Java release. All running
instances of IBM Java must be restarted for this update to take effect.