This script is Copyright (C) 2009-2015 Tenable Network Security, Inc.
The remote Red Hat host is missing one or more security updates.
Updated java-1.5.0-bea packages that correct several security issues
are now available for Red Hat Enterprise Linux 4 Extras and 5
This update has been rated as having moderate security impact by the
Red Hat Security Response Team.
The BEA WebLogic JRockit 1.5.0_14 JRE and SDK contain BEA WebLogic
JRockit Virtual Machine 1.5.0_14, and are certified for the Java 5
Platform, Standard Edition, v1.5.0.
A flaw was found in the Java XSLT processing classes. An untrusted
application or applet could cause a denial of service, or execute
arbitrary code with the permissions of the user running the JRE.
A flaw was found in the JRE image parsing libraries. An untrusted
application or applet could cause a denial of service, or possibly
execute arbitrary code with the permissions of the user running the
A flaw was found in the JRE color management library. An untrusted
application or applet could trigger a denial of service (JVM crash).
The vulnerabilities concerning applets listed above can only be
triggered in java-1.5.0-bea, by calling the 'appletviewer'
Users of java-1.5.0-bea are advised to upgrade to these updated
packages, which resolve these issues.
See also :
Update the affected packages.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.1
Public Exploit Available : true