Home / mailings APPLE-SA-2009-02-12 Java for Mac OS X 10.5 Update 3
Posted on 12 February 2009
Apple Security-announce-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
APPLE-SA-2009-02-12 Java for Mac OS X 10.5 Update 3
Java for Mac OS X 10.5 Update 3 is now available and addresses the
following:
Java
CVE-ID: CVE-2008-2086, CVE-2008-5340, CVE-2008-5342, CVE-2008-5343
Available for: Mac OS X v10.5.6 and later with Java for
Mac OS X 10.5 Update 2, Mac OS X Server v10.5.6 and later with
Java for Mac OS X 10.5 Update 2
Impact: Multiple vulnerabilities in Java Web Start and Java Plug-in
Description: Multiple vulnerabilities exist in Java Web Start and
the Java Plug-in, the most serious of which may allow untrusted Java
Web Start applications and untrusted Java applets to obtain elevated
privileges. Visiting a web page containing a maliciously crafted Java
applet may lead to arbitrary code execution with the privileges of
the current user. This update provides patches for the Java Bug IDs
6694892, 6707535, 6727081 and 6767668 from Sun Microsystems.
Java for Mac OS X 10.5 Update 3 may be obtained from the Software
Update pane in System Preferences, or Apple's Software Downloads
web site: http://www.apple.com/support/downloads/
The download file is named: JavaForMacOSX10.5Update3.dmg
Its SHA-1 digest is: c4b2a1ed7a6629a0dee6498758c69d5b473ed6dc
Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/