A vulnerability in the Java Runtime Environment allows unauthenticated network attacks ( i.e. it may be exploited over a network without the need for a username and password)
Tivoli versions prior to 184.108.40.206.
IBM Tivoli Integrated Portal Java Double Literal Denial of Service Vulnerability.
IBM has acknowledged a vulnerability in IBM Tivoli Integrated Portal, which can be exploited by malicious people to cause a DoS (Denial of Service).
Vulnerabilities have been reported in Sun Java, which can be exploited by malicious, local users to disclose potentially sensitive information and by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.
Update to eWAS version 220.127.116.11 or update to TIP version 18.104.22.168. The fix for this vulnerability is in eWAS version 22.214.171.124. This version of eWAS is included with TIP 126.96.36.199 which is due out this November 2011