A local or remote unprivileged user may be able to cause systems which have installed the Sun Java Enterprise System (JES) along with the patches listed below in Section 2 to become unresponsive or hang. This is a Denial of Service (DoS) due to a memory leak in the Network Security Services (NSS) software which is used by many of the Sun Java Enterprise System components such as the Sun Java System Application Server, the Sun Java System Web Server, and the Sun Java System Portal Server.
NSS is an open source project which adds support for SSL, S/MIME, and other Internet security standards to the Sun Java Enterprise System. Further information about NSS can be found at http://www.mozilla.org/projects/security/pki/nss/
This issue is also described in CVE-2006-3127 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3127