The HttpURLConnection class improperly checked whether the calling code was granted the "allowHttpTrace" permission, allowing untrusted code to create HTTP TRACE requests. (CVE-2010-3574) The CVSSv2 scored upstream is cvss2=5.1/AV:N/AC:H/Au:N/C:P/I:P/A:P Reference: http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html
This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2010:0768 https://rhn.redhat.com/errata/RHSA-2010-0768.html
This issue has been addressed in following products: Extras for RHEL 4 Extras for Red Hat Enterprise Linux 5 Via RHSA-2010:0770 https://rhn.redhat.com/errata/RHSA-2010-0770.html
This issue has been addressed in following products: Extras for RHEL 4 Extras for Red Hat Enterprise Linux 5 Via RHSA-2010:0807 https://rhn.redhat.com/errata/RHSA-2010-0807.html
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2010:0865 https://rhn.redhat.com/errata/RHSA-2010-0865.html
This issue has been addressed in following products: Extras for Red Hat Enterprise Linux 6 Via RHSA-2010:0873 https://rhn.redhat.com/errata/RHSA-2010-0873.html
This issue has been addressed in following products: Extras for RHEL 4 Extras for Red Hat Enterprise Linux 5 Via RHSA-2010:0935 https://rhn.redhat.com/errata/RHSA-2010-0935.html
This issue has been addressed in following products: Extras for RHEL 4 Extras for Red Hat Enterprise Linux 5 Extras for Red Hat Enterprise Linux 6 Via RHSA-2010:0987 https://rhn.redhat.com/errata/RHSA-2010-0987.html
This issue has been addressed in following products: Extras for RHEL 4 Extras for Red Hat Enterprise Linux 5 Via RHSA-2011:0152 https://rhn.redhat.com/errata/RHSA-2011-0152.html
This issue has been addressed in following products: Red Hat Network Satellite Server v 5.4 Via RHSA-2011:0880 https://rhn.redhat.com/errata/RHSA-2011-0880.html