Oracle Java before version 1.6u29
Upgrade to Oracle Java 1.6u29.
The patch for CVE-2010-4448 mitigated the Port Exhaustion vulnerability by limiting the number of ports per JVM to 1024. However, this patch can be bypassed by hosting multiple JVMs. Therefore a new patch was released with a lower limit of 50 ports per JVM, making the multiple VMs attack infeasible.