APAR status
Closed as program error.
Error description
Error Message: A security vulnerability in the Active Template Library(ATL) in various releases of Microsoft Visual Studio that is used by the Java Web Start ActiveX control may allow the Java Web Start ActiveX control to be leveraged to execute arbitrary code. This may occur as the result of a user of the Java Runtime Environment viewing a specially crafted web page that exploits this vulnerability. . Stack Trace: N/A . N/A
Local fix
N/A
Problem summary
The problem use to be happening because of the usage of Active Template Library (ATL) PROP_ENTRY macros.
Problem conclusion
This defect will be fixed in: 1.4.2 SR13 FP5 . JVM has been updated to avoid the vulnerability. . To obtain the fix: Install build 20100529 or later
Temporary fix
Comments
APAR Information
APAR number
PM13878
Reported component name
JAVA(1.3/1.4 CO
Reported component ID
5648C9800
Reported release
42A
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2010-05-06
Closed date
2010-06-22
Last modified date
2010-06-22
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
JAVA(1.3/1.4 CO
Fixed component ID
5648C9800
Applicable component levels
R42A PSN
UP
R42L PSN
UP
R42W PSN
UP
R420 PSN
UP
[{"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SUPPORT","label":"IBM Worldwide Support"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"1.4.2","Edition":"","Line of Business":{"code":"","label":""}}]
Document Information
Modified date:
09 February 2022