APPLE-SA-2011-03-08-2 Java for Mac OS X 10.5 Update 9
APPLE-SA-2011-03-08-2 Java for Mac OS X 10.5 Update 9
- Subject: APPLE-SA-2011-03-08-2 Java for Mac OS X 10.5 Update 9
- From: Apple Product Security <email@hidden>
- Date: Tue, 8 Mar 2011 13:12:13 -0800
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
APPLE-SA-2011-03-08-2 Java for Mac OS X 10.5 Update 9
Java for Mac OS X 10.5 Update 9 is now available and addresses the
following:
Java
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8
Impact: Multiple vulnerabilities in Java 1.6.0_22
Description: Multiple vulnerabilities exist in Java 1.6.0_22, the
most serious of which may allow an untrusted Java applet to execute
arbitrary code outside the Java sandbox. Visiting a web page
containing a maliciously crafted untrusted Java applet may lead to
arbitrary code execution with the privileges of the current user.
These issues are addressed by updating to Java version 1.6.0_24.
Further information is available via the Java website at
http://java.sun.com/javase/6/webnotes/ReleaseNotes.html
CVE-ID
CVE-2010-4422
CVE-2010-4447
CVE-2010-4448
CVE-2010-4450
CVE-2010-4454
CVE-2010-4462
CVE-2010-4463
CVE-2010-4465
CVE-2010-4467
CVE-2010-4468
CVE-2010-4469
CVE-2010-4470
CVE-2010-4471
CVE-2010-4472
CVE-2010-4473
CVE-2010-4476
Java
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8
Impact: Multiple vulnerabilities in Java 1.5.0_26
Description: Multiple vulnerabilities exist in Java 1.5.0_26, the
most serious of which may allow an untrusted Java applet to execute
arbitrary code outside the Java sandbox. Visiting a web page
containing a maliciously crafted untrusted Java applet may lead to
arbitrary code execution with the privileges of the current user.
These issues are addressed by updating to Java version 1.5.0_28.
Further information is available via the Java website at http://www.o
racle.com/technetwork/java/javase/documentation/overview-137139.html
CVE-ID
CVE-2010-4447
CVE-2010-4448
CVE-2010-4450
CVE-2010-4454
CVE-2010-4462
CVE-2010-4465
CVE-2010-4468
CVE-2010-4469
CVE-2010-4471
CVE-2010-4473
CVE-2010-4476
Java for Mac OS X 10.5 Update 9 may be obtained from the Software
Update pane in System Preferences, or Apple's Software Downloads
web site: http://www.apple.com/support/downloads/
The download file is named: JavaForMacOSX10.5Update9.dmg
Its SHA-1 digest is: 65173cd19b5f4dd9b6b3bc396c364665eae23217
Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (Darwin)
iQEcBAEBAgAGBQJNdnYHAAoJEGnF2JsdZQee6u8IAMPf/ftUPYtjBK8RWxjwFhUv
Czj79SLQ81Rie/JvuGib90b9IWX5U757tKdoumyCF6Pv2lEjo53Cu+1k/6TgrTzL
p6odiSbQ8xYpzZ5FLn3CrfN94a1SK00+TdocKN0zpRKENRSz2uNaFwfHILo1SyMe
Gr19M6Av0QKrNBXZSILR5l1WIA5Bg8Hk0HWiKl/Jo+F7uvZzWX98qP8rKFBLQw+r
llnK8c/JAMSt79MRXNhGXJKfLpPPiPG2RiUdCHQci87pPkm4pmioEFXTvaDDUSpZ
ZirowKvDqEaR1XpW67/8JcY3+mW/QKXNMGnFaBSqFZLzQ5wxtn6IxNnk/8RaSdY=
=IR0f
-----END PGP SIGNATURE-----
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden