RHEL 4 / 5 : java-1.5.0-ibm (RHSA-2010:0130)

Updated java-1.5.0-ibm packages that fix a security issue are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The IBM 1.5.0 Java release includes the IBM Java 2 Runtime...

HP-UX Update for Java VM (J2SE) or Java Secure Socket Extension (JSSE) Software HPSBUX00280

Check for the Version of Java VM J2SE or Java Secure Socket Extension JSSE Software OpenVAS Vulnerability Test HP-UX Update for Java VM J2SE or Java Secure Socket Extension JSSE Software HPSBUX00280 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

SuSE 10 Security Update : java-1_5_0-ibm (ZYPP Patch Number 4687)

The IBM Java JRE/SDK has been brought to release 1.5.0 SR6, containing several bugfixes, including the following security fixes : - A vulnerability in the Java Runtime Environment JRE with applet caching may allow an untrusted applet that is downloaded from a malicious website to make network...

CVE-2007-5281

The Java Secure Socket Extension JSSE in the Hitachi Cosminexus Developer's Kit for Java in various Hitachi Cosminexus 7.5 products before 07-50-01, when using JSSE for SSL/TLS support, allows remote attackers to cause a denial of service via certain SSL/TLS handshake requests. NOTE: this may be...

CVE-2007-5281

The Java Secure Socket Extension JSSE in the Hitachi Cosminexus Developer's Kit for Java in various Hitachi Cosminexus 7.5 products before 07-50-01, when using JSSE for SSL/TLS support, allows remote attackers to cause a denial of service via certain SSL/TLS handshake requests. NOTE: this may be...

CVE-2007-5281

CVE-2007-3698 is referenced in the JSSE component that processes SSL/TLS handshake requests. In the Hitachi Cosminexus context, JSSE in Hitachi Cosminexus Developer’s Kit for Java (Cosminexus 7.5) prior to 07-50-01 is affected in environments using JSSE for SSL/TLS, allowing a remote attacker to ...

Critical: Red Hat Security Advisory: java-1.5.0-sun security update

Updated java-1.5.0-sun packages that correct several security issues are available for Red Hat Enterprise Linux 4 Extras. This update has been rated as having critical security impact by the Red Hat Security Response Team. The Java Runtime Environment JRE contains the software and tools that user...

Sun JSSE SSL/TLS握手处理拒绝服务漏洞

BUGTRAQ ID: 24846 CNCAN ID:CNCAN-2007071109 Sun JSSE是一款用于应用程序中提供数据传输安全性的安全套接字扩展。 多个Java实时环境中的Sun JSSE不正确处理SSL/TLS握手请求，远程攻击者可以利用漏洞对使用JSSE支持SSL/TLS的应用程序进行拒绝服务攻击。 目前没有详细漏洞细节提供。 Sun SDK Windows Production Release 1.4.2 15 Sun SDK Windows Production Release 1.4.214 Sun SDK Windows Production Release...

CVE-2007-3698

The CVE-2007-3698 issue affects the Java Secure Socket Extension (JSSE) in Sun JDK/JRE, including Sun JDK/JRE 6 Update 1 and earlier, JDK/JRE 5.0 Updates 7–11, and SDK/JRE 1.4.2_11–1.4.2_14, where crafted SSL/TLS handshake requests could cause the Java Runtime Environment to stop responding (deni...

CVE-2006-5201

Multiple packages on Sun Solaris, including 1 NSS; 2 Java JDK and JRE 5.0 Update 8 and earlier, SDK and JRE 1.4.x up to 1.4.212, and SDK and JRE 1.3.x up to 1.3.119; 3 JSSE 1.0.303 and earlier; 4 IPSec/IKE; 5 Secure Global Desktop; and 6 StarOffice, when using an RSA key with exponent 3, removes...

CVE-2006-5201

CVE-2006-5201 affects Sun Solaris components (notably NSS, NSS-based libraries, Java JDK/JRE, JSSE, IPSec/IKE, and related Sun products). The root cause is when using an RSA key with exponent 3 that removes PKCS #1 padding prior to hash generation, enabling remote attackers to forge a PKCS #1 v1....

CVE-2003-1229

X509TrustManager in 1 Java Secure Socket Extension JSSE in SDK and JRE 1.4.0 through 1.4.001, 2 JSSE before 1.0.3, 3 Java Plug-in SDK and JRE 1.3.0 through 1.4.1, and 4 Java Web Start 1.0 through 1.2 incorrectly calls the isClientTrusted method when determining server trust, which results in...

CVE-2003-1229

The issue concerns X509TrustManager in Java Secure Socket Extension (JSSE) across multiple Java platforms (SDK/JRE 1.4.0–1.4.0_01, JSSE before 1.0.3, Java Plug‑in SDK/JRE 1.3.0–1.4.1, and Java Web Start 1.0–1.2). The X509TrustManager incorrectly calls isClientTrusted when determining server trust...

CVE-2004-2393

Affected software : Java Secure Socket Extension (JSSE) 1.0.3 through 1.0.3_2. Issue : JSSE does not properly validate the certificate chain of a client or server, enabling remote attackers to falsely authenticate peers for SSL/TLS. Root cause : insufficient certificate-chain validation. Impact :...

HP-UX PHSS_28686 : s700_800 11.04 Virtualvault 4.6 OWS update

s700800 11.04 Virtualvault 4.6 OWS update : The remote HP-UX host is affected by multiple vulnerabilities : - A remotely exploitable potential vulnerability has been reported in CAN-2003-0078. - 1 A defect in the JavaTM Virtual Machine may allow illegal access to protected fields or methods of an...