The HttpURLConnection class did not properly handle the "chunked" transfer encoding method. This could be misused by remote attackers to conduct HTTP request splitting attacks. (CVE-2010-3549) The CVSSv2 scored upstream is cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P Reference: http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html
This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2010:0768 https://rhn.redhat.com/errata/RHSA-2010-0768.html
This issue has been addressed in following products: Extras for RHEL 4 Extras for Red Hat Enterprise Linux 5 Via RHSA-2010:0770 https://rhn.redhat.com/errata/RHSA-2010-0770.html
This issue has been addressed in following products: Extras for RHEL 3 Extras for RHEL 4 Extras for Red Hat Enterprise Linux 5 Via RHSA-2010:0786 https://rhn.redhat.com/errata/RHSA-2010-0786.html
This issue has been addressed in following products: Extras for RHEL 4 Extras for Red Hat Enterprise Linux 5 Via RHSA-2010:0807 https://rhn.redhat.com/errata/RHSA-2010-0807.html
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2010:0865 https://rhn.redhat.com/errata/RHSA-2010-0865.html
This issue has been addressed in following products: Extras for Red Hat Enterprise Linux 6 Via RHSA-2010:0873 https://rhn.redhat.com/errata/RHSA-2010-0873.html
This issue has been addressed in following products: RHEL 4 for SAP RHEL 5 for SAP RHEL 6 for SAP Via RHSA-2010:0986 https://rhn.redhat.com/errata/RHSA-2010-0986.html
This issue has been addressed in following products: Extras for RHEL 4 Extras for Red Hat Enterprise Linux 5 Extras for Red Hat Enterprise Linux 6 Via RHSA-2010:0987 https://rhn.redhat.com/errata/RHSA-2010-0987.html
This issue has been addressed in following products: Red Hat Network Satellite Server v 5.4 Via RHSA-2011:0880 https://rhn.redhat.com/errata/RHSA-2011-0880.html