A vulnerability in the Java Runtime Environment allows unauthenticated network attacks ( i.e. it may be exploited over a network without the need for a username and password)
Tivoli versions prior to 18.104.22.168.
IBM Tivoli Integrated Portal Java Double Literal Denial of Service Vulnerability.
IBM has acknowledged a vulnerability in IBM Tivoli Integrated Portal, which can be exploited by malicious people to cause a DoS (Denial of Service).
Vulnerabilities have been reported in Sun Java, which can be exploited by malicious, local users to disclose potentially sensitive information and by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.
Update to eWAS version 22.214.171.124 or update to TIP version 126.96.36.199. The fix for this vulnerability is in eWAS version 188.8.131.52. This version of eWAS is included with TIP 184.108.40.206 which is due out this November 2011