United States | English [Change]
Welcome, Guest

Nortel Response to Sun Java/JRE Multiple Vulnerabilities - SA27009

Description: Before taking any action please ensure that you are viewing the latest official version of this security advisory by referencing http://www.nortel.com/securityadvisories Multiple vulnerabilities have been reported in Sun Java JRE (Java Runtime Environment), which can be exploited by malicious people to bypass certain security restrictions, manipulate data, disclose sensitive/system information, or potentially compromise a vulnerable system. 1) Multiple unspecified errors in the Java Runtime Environment can be exploited by e.g. a malicious applet or by using Java APIs to establish network connections to certain services on machines other than the originating host. 2) Multiple unspecified errors in Java Web Start can be exploited by a malicious applet to read/write local files or determine the location of the Java Web Start cache. 3) An unspecified error in the Java Runtime Environment can be exploited to move or copy arbitrary files on the system by e.g. tricking a user into dragging and dropping a file from an applet to a desktop application that has the proper permissions. Some Nortel products contain the affected software as a component and thus are potentially affected by these vulnerabilities. This multi-product consolidated response bulletin provides Nortel's recommendations for these products.
Type: Security Advisories
Number: 2007008451, Rev 1
Status: Retired
Date: 2008-02-22


Bulletin Downloads
Title Extension File Size Language
    Nortel Response to Sun Java/JRE Multiple Vulnerabilities - SA27009
Checksum: c6ec6c1054c107583554d888c93e531d  [MD5]		 [pdf] 26008 bytes English  




Associated Products
Application Server 5200
BroadBand STP
Bulletin temp product
CDMA Network Manager
CDMA Networks
CDMA SuperNode Data Manager
Circuit Switching
Communication Control Toolkit
Communication Server 1000 Telephony Manager
Communication Server 2000
Communication Server 2000 Core Manager
Communication Server 2000 Session Server Trunks
Communication Server 2000-Compact
Communication Server 2100
Contact Center - Multimedia
Contact Center Portfolio
DMS-100 SSP
DMS-100/200 Local Switching Systems
DMS-250
DMS-500
DMS-Global Services Platform
DMS-STP
DMS-STP/SSP IntegratedNode (INode)
Enterprise Network Management System
Extended Peripheral Module (XPM)
GSM Networks
GSM-UMTS Home Location Register
GSM-UMTS Mobile Switching Center Server
GSM-UMTS SuperNode Data Manager
INM Networks
  
Integrated Access - Cable
Integrated Element Management System (IEMS)
Media Gateway 9000
Media Processing Server (MPS) 1000
Media Processing Server (MPS) 500
Meridian SL-100
Multi-Wavelength Optical Repeater (MOR/MOR Plus)
Multimedia Communication Server 5100
Multiservice Data Manager (MDM)
OPTera Long Haul 4000 Optical Line System
OPTera Long Haul Optical Amplifier Shelf
Optical Network Manager
Optical Network Manager Trail Manager
Optivity Telephony Manager for SL-100
Packet Transit - AAL2
Packet Transit - IP
Packet Trunking - AAL1
Periphonics Speech Platform
Preside Management for Metro Optical Networks
Self-Service Portfolio
Services Edge Router 5500
Spectrum Peripheral Module (SPM)
Speech and Self-Service
SuperNode Data Manager
UMTS Networks
Universal Access - AAL1
Universal Access - IP
VoIP Infrastructure Solutions
Wireless Network Management System (W-NMS)
XA-Core