From af7c6bc2a00ceb206ecb05b07f2f772866801a02 Mon Sep 17 00:00:00 2001
From: Jeremy Long
Date: Sun, 1 Mar 2015 07:01:24 -0500
Subject: [PATCH] additional patch for issue #196
Former-commit-id: 10b55f932b5ee52fa1f9ae3b96c15649dd5d6062
---
 .../dependencycheck/analyzer/HintAnalyzer.java | 18 +++++++++++++-----
 1 file changed, 13 insertions(+), 5 deletions(-)
diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/HintAnalyzer.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/HintAnalyzer.java
index 2cf2c87c9..01198914b 100644
--- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/HintAnalyzer.java
+++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/HintAnalyzer.java
@@ -65,8 +65,8 @@ public class HintAnalyzer extends AbstractAnalyzer implements Analyzer {
 //
 /**
- * The HintAnalyzer uses knowledge about a dependency to add additional information to help in identification of
- * identifiers or vulnerabilities.
+ * The HintAnalyzer uses knowledge about a dependency to add additional information to help in identification of identifiers
+ * or vulnerabilities.
 *
 * @param dependency The dependency being analyzed
 * @param engine The scanning engine
@@ -85,22 +85,30 @@ public class HintAnalyzer extends AbstractAnalyzer implements Analyzer {
 Confidence.HIGH);
 final Evidence springTest3 = new Evidence("Manifest",
+ "Implementation-Title",
+ "spring-core",
+ Confidence.HIGH);
+
+ final Evidence springTest4 = new Evidence("Manifest",
 "Bundle-Vendor",
 "SpringSource",
 Confidence.HIGH);
+ //springsource/vware problem
 Set evidence = dependency.getProductEvidence().getEvidence();
- if (evidence.contains(springTest1) || evidence.contains(springTest2)) {
- dependency.getProductEvidence().addEvidence("hint analyzer", "product", "springsource_spring_framework", Confidence.HIGH);
+ if (evidence.contains(springTest1) || evidence.contains(springTest2) || evidence.contains(springTest3)) {
+ dependency.getProductEvidence().addEvidence("hint analyzer", "product", "springsource spring framework", Confidence.HIGH);
 dependency.getVendorEvidence().addEvidence("hint analyzer", "vendor", "SpringSource", Confidence.HIGH);
 dependency.getVendorEvidence().addEvidence("hint analyzer", "vendor", "vmware", Confidence.HIGH);
 }
 evidence = dependency.getVendorEvidence().getEvidence();
- if (evidence.contains(springTest3)) {
+ if (evidence.contains(springTest4)) {
 dependency.getProductEvidence().addEvidence("hint analyzer", "product", "springsource_spring_framework", Confidence.HIGH);
 dependency.getVendorEvidence().addEvidence("hint analyzer", "vendor", "vmware", Confidence.HIGH);
 }
+
+ //sun/oracle problem
 final Iterator itr = dependency.getVendorEvidence().iterator();
 final List newEntries = new ArrayList();
 while (itr.hasNext()) {
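Review bot: The two Spring branches now add different product hints: the first `if` adds `"springsource spring framework"`, while the `springTest4` (Bundle-Vendor) branch still adds `"springsource_spring_framework"`. If the space-separated form is what the CPE lookup needs (the hunk does not show how product evidence is tokenised, so this is inferred), a jar recognised only through its `Bundle-Vendor` keeps the old hint and can still miss its Spring CPE, which shows up as a silently missing vulnerability report. I would use one shared constant for the product value in both branches, or change the second call to `dependency.getProductEvidence().addEvidence("hint analyzer", "product", "springsource spring framework", Confidence.HIGH);`. The added comment also has a typo and should read `//springsource/vmware problem`. The enclosing method starts and ends outside this hunk, so `springTest1` and `springTest2` could not be checked here.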