Recently IBM has announced a security vulnerability in their asset management applications such as Maximo, and IBM now has a fix for this. Here is an overview of the issue:
A critical Java class library security vulnerability was blogged on the Internet and is now in the public domain. This can be used as a denial of service attack against app servers. This vulnerability affects all versions and releases of Java (1.4.2, 5.0 and 6.0) on all platforms. Web servers and web services are particularly at risk.