Vulnerabilities in the Java Runtime Environment May Allow Privileges to be Escalated

http://sunsolve.sun.com/search/document.do?assetkey=1-66-270474-1

"Multiple buffer and integer overflow vulnerabilities in the Java
Runtime Environment with processing audio and image files may allow an
untrusted applet or Java Web Start application to escalate privileges.
For example, an untrusted applet may grant itself permissions to read
and write local files or execute local applications that are accessible
to the user running the untrusted applet."

These vulnerabilities affect:

Java SE for Windows, Solaris, and Linux:

* JDK and JRE 6 Update 16 and earlier
* JDK and JRE 5.0 Update 21 and earlier

Java SE for Macintosh

* Java for Mac OS X 10.6
* Java for Mac OS X 10.5 Update 5

These are addressed in:

Java SE for Windows, Solaris, and Linux:

* JDK and JRE 6 Update 17 or later
* JDK and JRE 5.0 Update 22 or later

Java SE for Macintosh

* Java for Mac OS X 10.6 Update 1
* Java for Mac OS X 10.5 Update 6

It is recommended to update to the latest version of Java to avoid these
vulnerabilities.