- Jan 24, 2011
- 9,378
Apple has released Java security updates for Mac OS X v10.6.6 and Mac OS X v10.5.8 in order to address multiple vulnerabilities that could be exploited to execute arbitrary code.
The new updates patch vulnerabilities in Java 1.6.0_22 and Java 1.5.0_26 by updating the runtime's version to 1.6.0_24 or 1.5.0_28, respectively.
Oracle has released updated versions of the software back in February and Apple has skipped over 1.6.0_23 and 1.5.0_26 because they didn't fix any security vulnerabilities.
The Mac maker notes in its advisory that the new updates address vulnerabilities that may allow an untrusted Java applet to execute arbitrary code outside of the Java sandbox.
"Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user," the company writes.
There are a total of sixteen patched vulnerabilities, seven of which have the highest base score (10.0) on the Common Vulnerability Scoring System (CVSS) scale.
More details - link
The new updates patch vulnerabilities in Java 1.6.0_22 and Java 1.5.0_26 by updating the runtime's version to 1.6.0_24 or 1.5.0_28, respectively.
Oracle has released updated versions of the software back in February and Apple has skipped over 1.6.0_23 and 1.5.0_26 because they didn't fix any security vulnerabilities.
The Mac maker notes in its advisory that the new updates address vulnerabilities that may allow an untrusted Java applet to execute arbitrary code outside of the Java sandbox.
"Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user," the company writes.
There are a total of sixteen patched vulnerabilities, seven of which have the highest base score (10.0) on the Common Vulnerability Scoring System (CVSS) scale.
More details - link