PROBLEM:
HP issued an update for Java in HP-UX to address multiple vulnerabilities.
PLATFORM:
HP-UX 11.x
ABSTRACT:
Multiple vulnerabilities can be exploited by malicious users to disclose certain information and by malicious people to disclose potentially sensitive information.
referenceĀ LINKS:
Secunia Advisory 47709
Secunia Advisory 46512
HP Support Document
IMPACT ASSESSMENT:
High
Discussion:
The vulnerabilities are reported in versions B.11.11, B.11.23, and B.11.31 running HP JDK and JRE 6.0.12 and prior. Vulnerabilities inlcude the ability to hijack a user's session, conduct DNS cache poisoning attacks, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.
Impact:
Hijacking, Spoofing, Manipulation of data, Exposure of sensitive information, DoS and System access
Solution:
HP has provided Java version upgrades to resolve these vulnerabilities Java Update.