You are here

U-087: HP-UX update for Java

January 24, 2012 - 7:00am

Addthis

PROBLEM:

HP issued an update for Java in HP-UX to address multiple vulnerabilities.

PLATFORM:

HP-UX 11.x

ABSTRACT:

Multiple vulnerabilities can be exploited by malicious users to disclose certain information and by malicious people to disclose potentially sensitive information.

referenceĀ  LINKS:

Secunia Advisory 47709
Secunia Advisory 46512
HP Support Document

IMPACT ASSESSMENT:

High

Discussion:

The vulnerabilities are reported in versions B.11.11, B.11.23, and B.11.31 running HP JDK and JRE 6.0.12 and prior. Vulnerabilities inlcude the ability to hijack a user's session, conduct DNS cache poisoning attacks, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.

Impact:

Hijacking, Spoofing, Manipulation of data, Exposure of sensitive information, DoS and System access

Solution:

HP has provided Java version upgrades to resolve these vulnerabilities Java Update.

Addthis