Three main issues are addressed by this round of updates to the Java platform.

An unspecified error in the Java Runtime Environment (JRE) may lead to untrusted Java Web Start applications or applets manipulating arbitrary local filesystem content.

Other unspecified errors in Java Web Start could allow access to the Java Web Start cache or files accessible by the local user in the context of their system account.

Finally, unspecified errors in the Java Runtime Environment could allow arbitrary network connections to be established.

Description:

Numerous vulnerabilities affecting the Java Runtime Environment (JRE) and the appropriate Java / Software Development Kits (JDK/SDK) have been identified and patched by Sun Microsystems. In the worst case, the vulnerabilities could lead to an attacker taking control over a vulnerable system, but may lead to information disclosure or security restriction avoidance prior to that.

Mitigation:

Update to JDK / JRE 6 Update 3, or JDK / JRE 5.0 Update 13, or later of those platforms.

Updates:

http://www.java.com

Source:

Various

Exploits:

Not Yet Identified