Java parseDouble Security Vulnerability Update for Tivoli License Compliance Manager

Flash (Alert)


Abstract

A critical Java class library security vulnerability was blogged on the Internet and is now in the public domain. This can be used as a denial of service attack against app servers. This vulnerability affects all versions and releases of Java (1.4.2, 5.0 and 6.0) on all platforms. Web servers and web services are particularly at risk.

Content

To remediate this vulnerability, you will need to perform two distinct actions. You will need to update the Java Runtime Environment (JRE). The Java Runtime Environment provides the libraries, the Java Virtual Machine, and other components to run applets and applications.

You also need to update your application server's Java Developer Kit (JDK). The JDK lets you develop and deploy Java applications on desktops and servers.

We are currently in the process of compiling the list of fixes for JRE and JDK used in the affected product. This data is expected to be available shortly.

Please do not open a PMR or contact Product Support at this time for this issue. This document will be updated immediately once we can provide product specific details.


Rate this page:

(0 users)Average rating

Add comments

Document information


More support for:

Tivoli License Compliance Manager

Software version:

2.2, 2.3

Operating system(s):

AIX, HP-UX, Linux, Solaris, Windows

Software edition:

All Editions

Reference #:

1468997

Modified date:

2012-02-07

Translate my page

Machine Translation

Content navigation