Oval Definition:oval:org.mitre.oval:def:22873
Revision Date:2014-05-26Version:80
Title:ELSA-2010:0807: java-1.5.0-ibm security update (Critical)
Description:Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that HttpURLConnection does not properly check for the allowHttpTrace permission, which allows untrusted code to perform HTTP TRACE requests.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2009-3555
CVE-2010-1321
CVE-2010-3541
CVE-2010-3548
CVE-2010-3549
CVE-2010-3550
CVE-2010-3551
CVE-2010-3556
CVE-2010-3559
CVE-2010-3562
CVE-2010-3565
CVE-2010-3566
CVE-2010-3568
CVE-2010-3569
CVE-2010-3572
CVE-2010-3573
CVE-2010-3574
ELSA-2010:0807-01
Platform(s):Oracle Linux 5
Product(s):java-1.5.0-ibm
Definition Synopsis
  • Oracle Linux 5.x
  • AND rpm test
  • java-1.5.0-ibm-jdbc is earlier than 1:1.5.0.12.2-1jpp.1.el5
  • OR java-1.5.0-ibm is earlier than 1:1.5.0.12.2-1jpp.1.el5
  • OR java-1.5.0-ibm-accessibility is earlier than 1:1.5.0.12.2-1jpp.1.el5
  • OR java-1.5.0-ibm-src is earlier than 1:1.5.0.12.2-1jpp.1.el5
  • OR java-1.5.0-ibm-plugin is earlier than 1:1.5.0.12.2-1jpp.1.el5
  • OR java-1.5.0-ibm-devel is earlier than 1:1.5.0.12.2-1jpp.1.el5
  • OR java-1.5.0-ibm-demo is earlier than 1:1.5.0.12.2-1jpp.1.el5
  • OR java-1.5.0-ibm-javacomm is earlier than 1:1.5.0.12.2-1jpp.1.el5
    • BACK