Attackers could exploit several Java-based flaws in Mac OS X to bypass certain security programs, launch cross-site...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
scripting assaults or cause a denial of service, Apple says.
Danish vulnerability clearinghouse Secunia said in its SA28115 advisory that an error in Java is caused by improper access checks, and that attackers could exploit it to add or remove items from a user's keychain without prompting the user via a specially crafted Java applet. Other vulnerabilities in Java 1.4 and J2SE 5.0 can be exploited to bypass certain security restrictions, conduct cross-site scripting attacks, cause a denial of service or compromise a user's machine.
Apple recommended in its advisory that users upgrade to Java Release 6 for Mac OS X 10.4.