Sun Java System Application Server, Web Server and Proxy Server make use of the Network Security Services (NSS) library and are impacted by a number of security vulnerabilities related to the SSL2 implementation in that library if SSL2 is enabled in these servers. These vulnerabilities may allow remote users to cause the server to exit unexpectedly, causing a denial of service (DoS) to the application, or to execute arbitrary code.
These issues are also described in the following documents:
Other Sun products make use of the NSS library. For information regarding the impact to other products, please see Sun Alert 102856 at: