A vulnerability in the Java Runtime Environment allows unauthenticated network attacks ( i.e. it may be exploited over a network without the need for a username and password)
Tivoli versions prior to 188.8.131.52.
IBM Tivoli Integrated Portal Java Double Literal Denial of Service Vulnerability.
IBM has acknowledged a vulnerability in IBM Tivoli Integrated Portal, which can be exploited by malicious people to cause a DoS (Denial of Service).
Vulnerabilities have been reported in Sun Java, which can be exploited by malicious, local users to disclose potentially sensitive information and by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.
Update to eWAS version 184.108.40.206 or update to TIP version 220.127.116.11. The fix for this vulnerability is in eWAS version 18.104.22.168. This version of eWAS is included with TIP 22.214.171.124 which is due out this November 2011