Potential Vulnerability in Oracles JRE - CA Technologies
{{search ? 'Close':'Search'}}

Potential Vulnerability in Oracle's JRE

There is a potential vulnerability in Oracle's JRE as delivered with CA Gen 7.0, 7.5, 7.6 and r8. Please follow the links below to Oracle's web site and follow the steps provided to correct the problems.

Potential Vulnerability Information
Oracle Java SE Critical Patch Update Advisory - June 2011

Java JDK, JRE, and SDK contain multiple vulnerabilities. For details, see
http://www.oracle.com/technetwork/topics/security/javacpujune2011-313339.html.
References: CVE-2011-0862, CVE-2011-0873, CVE-2011-0815, CVE-2011-0817, CVE-2011-0863, CVE-2011-0864, CVE-2011-0802, CVE-2011-0814, CVE-2011-0871, CVE-2011-0786, CVE-2011-0788, CVE-2011-0866, CVE-2011-0868, CVE-2011-0872, CVE-2011-0867, CVE-2011-0869, CVE-2011-0865

BID 48122 - Oracle Java HotSpot Certificate Validation Security Bypass Vulnerability

Oracle Java HotSpot is prone to a security-bypass vulnerability because it fails to properly validate a self-signed certificate provider. Successful exploits will allow attackers to bypass certain security restrictions.
References:
http://www.securityfocus.com/bid/48122/
http://java.zacheusz.eu/provider-signature-verif-vuln-2/273/

Oracle Java SE and Java for Business Critical Patch Update Advisory - February 2011

Java JDK 6u23 and earlier, 5.0u27 and earlier, and 1.4.2_29 and earlier contain multiple vulnerabilities. Details and patches are available at
http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html
CVE references: CVE-2010-4452, CVE-2010-4454, CVE-2010-4462, CVE-2010-4463, CVE-2010-4465, CVE-2010-4467, CVE-2010-4469, CVE-2010-4473, CVE-2010-4422, CVE-2010-4451, CVE-2010-4466, CVE-2010-4470, CVE-2010-4471, CVE-2010-4476, CVE-2010-4447, CVE-2010-4475, CVE-2010-4468, CVE-2010-4450, CVE-2010-4448, CVE-2010-4472, CVE-2010-4474

Oracle Java SE and Java for Business Critical Patch Update Advisory - October 2010

This Critical Patch Update contains 29 new security fixes across Java SE and Java for Business products. For details, see
http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html

Sun JRE 1.5.0_06 Numerous

See Sun security alerts site for more info.

Chat with CA

Just give us some brief information and we'll connect you to the right CA Expert.

Our hours of availability are 8AM - 5PM CST.

All Fields Required

connecting

We're matching your request.

Unfortunately, we can't connect you to an agent. If you are not automatically redirected please click here.

  • {{message.agentProfile.name}} will be helping you today.

    View Profile


  • Transfered to {{message.agentProfile.name}}

    {{message.agentProfile.name}} joined the conversation

    {{message.agentProfile.name}} left the conversation

  • Your chat with {{$storage.chatSession.messages[$index - 1].agentProfile.name}} has ended.
    Thank you for your interest in CA.


    How Did We Do?
    Let us know how we did so that we can maintain a quality experience.

    Take Our Survey >

    Rate Your Chat Experience.

    {{chat.statusMsg}}

agent is typing