A vulnerability in the Java Runtime Environment allows unauthenticated network attacks ( i.e. it may be exploited over a network without the need for a username and password)
Tivoli versions prior to 126.96.36.199.
IBM Tivoli Integrated Portal Java Double Literal Denial of Service Vulnerability.
IBM has acknowledged a vulnerability in IBM Tivoli Integrated Portal, which can be exploited by malicious people to cause a DoS (Denial of Service).
Vulnerabilities have been reported in Sun Java, which can be exploited by malicious, local users to disclose potentially sensitive information and by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.
Update to eWAS version 188.8.131.52 or update to TIP version 184.108.40.206. The fix for this vulnerability is in eWAS version 220.127.116.11. This version of eWAS is included with TIP 18.104.22.168 which is due out this November 2011