PROBLEM:
IBM has acknowledged multiple vulnerabilities in IBM Java
PLATFORM:
IBM Java 7.x
ABSTRACT:
Vulnerabilities can be exploited by malicious users to disclose certain information and by malicious people to disclose potentially sensitive information, hijack a user's session, conduct DNS cache poisoning attacks, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.
Reference Links:
Secunia Advisory 49333
CVE-2011-3389
Vendor Advisory
IMPACT ASSESSMENT:
High
Discussion:
IBM released a patch to address vulerabilities in IBM Java 7. IBM 7 SR1 is available for download.
Impact:
Hijacking
Manipulation of data
Exposure of sensitive information
DoS
System access
Spoofing
Solution:
The IBM patch is available at the IBM downloads page.