Dev2Dev Online: Security Advisories and Notifications

BEA has released six security advisories.

Take BEA07-176.00, "Server may select a cipher suite that uses a null cipher for SSL communication with SSL clients": isn't that dangerous with a man-in-the-middle...?
BEA07-87.02, "A malicious client can cause threads to hang on the server.", is perhaps the most dangerous.
I think I'll ask Baru-chan for the details, lol.

| Date | Number | Title | Type | Threat | Severity | Products |
|---|---|---|---|---|---|---|
| 2007/8/28 | BEA07-178.00 | Java Secure Socket Extension Does Not Correctly Process SSL/TLS Handshake Requests Resulting in a Denial of Service (DoS) Condition | advisory | High | High | JRockit R27.3.1 or prior using 1.6.0_1 or earlier; JRockit R27.3.1 or prior using 1.5.0 Updates 7, 8, 9, 10, and 11; JRockit R27.3.1 or prior using 1.4.2 Updates 11, 12, 13, and 14 |
| 2007/8/28 | BEA07-177.00 | Multiple Security Vulnerabilities in the Java Runtime Environment | advisory | High | High | JRockit R27.3.1 or prior using 1.6.0_1 or earlier; JRockit R27.3.1 or prior using 1.5.0_11 or earlier; JRockit R27.3.1 or prior using 1.4.2_14 or earlier; JRockit 7.0 SP6 RP1 or prior using JRE 1.3.1_20 or earlier |
| 2007/8/28 | BEA07-176.00 | Server may select a cipher suite that uses a null cipher for SSL communication with SSL clients | advisory | Medium | Medium | WLS 10.0; WLS 9.2 (-MP1); WLS 9.1; WLS 9.0; WLS 8.1 (-SP6); WLS 7.0 (-SP7) |
| 2007/8/28 | BEA07-175.00 | SSL clients may not find all possible cipher suites resulting in use of the default null cipher (no encryption) | advisory | Medium | Medium | WLS 10.0; WLS 9.2 (-MP2); WLS 9.1; WLS 9.0; WLS 8.1 (SP2-SP6); WLS 7.0 SP7 |
| 2007/8/28 | BEA07-148.01 | Malformed headers may cause high disk consumption | advisory | High | Medium | WLS 7.0 (-SP7); WLS 6.1 (-SP7) |
| 2007/8/28 | BEA07-87.02 | A malicious client can cause threads to hang on the server. | advisory | High | High | WLS 8.1 (-SP4); WLS 7.0 (-SP7); WLS 6.1 (-SP7) |