slesp3-java-1_4_2-ibmSecurity update for IBM Java 1.4.2Security update for IBM Java 1.4.2IBM Java 1.4.2 was updated to 13 fp3.
The following security issues were fixed: CVE-2009-3867: A
buffer overflow vulnerability in the Java Runtime
Environment audio system might allow an untrusted applet or
Java Web Start application to escalate privileges. For
example, an untrusted applet might grant itself permissions
to read and write local files, or run local applications
that are accessible to the user running the untrusted
applet.
CVE-2009-3875: A security vulnerability in the Java Runtime
Environment with verifying HMAC digests might allow
authentication to be bypassed. This action can allow a user
to forge a digital signature that would be accepted as
valid. Applications that validate HMAC-based digital
signatures might be vulnerable to this type of attack.
CVE-2009-3869: A buffer overflow vulnerability in the Java
Runtime Environment with processing image files might allow
an untrusted applet or Java Web Start application to
escalate privileges. For example, an untrusted applet might
grant itself permissions to read and write local files or
run local applications that are accessible to the user
running the untrusted applet.
CVE-2009-3871: A buffer overflow vulnerability in the Java
Runtime Environment with processing image files might allow
an untrusted applet or Java Web Start application to
escalate privileges. For example, an untrusted applet might
grant itself permissions to read and write local files or
run local applications that are accessible to the user
running the untrusted applet.
CVE-2009-3874: An integer overflow vulnerability in the
Java Runtime Environment with processing JPEG images might
allow an untrusted applet or Java Web Start application to
escalate privileges. For example, an untrusted applet might
grant itself permissions to read and write local files or
run local applications that are accessible to the user
running the untrusted applet.
IBM Java 1.4.2 was updated to 13 fp3.
The following security issues were fixed: CVE-2009-3867: A
buffer overflow vulnerability in the Java Runtime
Environment audio system might allow an untrusted applet or
Java Web Start application to escalate privileges. For
example, an untrusted applet might grant itself permissions
to read and write local files, or run local applications
that are accessible to the user running the untrusted
applet.
CVE-2009-3875: A security vulnerability in the Java Runtime
Environment with verifying HMAC digests might allow
authentication to be bypassed. This action can allow a user
to forge a digital signature that would be accepted as
valid. Applications that validate HMAC-based digital
signatures might be vulnerable to this type of attack.
CVE-2009-3869: A buffer overflow vulnerability in the Java
Runtime Environment with processing image files might allow
an untrusted applet or Java Web Start application to
escalate privileges. For example, an untrusted applet might
grant itself permissions to read and write local files or
run local applications that are accessible to the user
running the untrusted applet.
CVE-2009-3871: A buffer overflow vulnerability in the Java
Runtime Environment with processing image files might allow
an untrusted applet or Java Web Start application to
escalate privileges. For example, an untrusted applet might
grant itself permissions to read and write local files or
run local applications that are accessible to the user
running the untrusted applet.
CVE-2009-3874: An integer overflow vulnerability in the
Java Runtime Environment with processing JPEG images might
allow an untrusted applet or Java Web Start application to
escalate privileges. For example, an untrusted applet might
grant itself permissions to read and write local files or
run local applications that are accessible to the user
running the untrusted applet.
securityjava-1_4_2-ibmx86_64829d55a48d0b257a2120e5597b3445bcdbc1bde8java-1_4_2-ibm-develx86_642a7b6b7b9049d9768225b913f6675fc50a23b38c