Sun Alert 102945 Security Vulnerabilities in the Network Security Services (NSS) Library May Affect Sun Java System Application Server, Web Server and Web Proxy Server

Product: Sun Java System Application Server Platform Edition 8.1 2005Q1, Sun Java System Web Server 7.0, Sun Java System Web Proxy Server 4.0, Sun Java System Web Server 6.1, Sun Java System Application Server Enterprise Edition 8.1 2005Q1

Sun Java System Application Server, Web Server and Proxy Server make use of the Network Security Services (NSS) library and are impacted by a number of security vulnerabilities related to the SSL2 implementation in that library if SSL2 is enabled in these servers. These vulnerabilities may allow remote users to cause the server to exit unexpectedly, causing a denial of service (DoS) to the application, or to execute arbitrary code.

These issues are also described in the following documents:

Other Sun products make use of the NSS library. For information regarding the impact to other products, please see Sun Alert 102856 at:

Avoidance: Patch, Workaround
State: Resolved
First released: 11-Jun-2007
Comments:

Post a Comment:
  • HTML Syntax: NOT allowed
About

This blog provides security vulnerability fix notifications relevant to third party software components distributed and supported as part of Oracle Products.
Summarized version of this blog is available as a mapping of CVEs and solutions.

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
2
3
4
5
6
7
8
9
10
11
12
13
14
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today