Sun disclosed these vulnerability details in
Two vulnerabilities in the Java Runtime Environment may independently allow an
untrusted application or applet that is downloaded from a website to elevate its
privileges. For example, the application or applet may grant itself permissions
to read and write local files or execute local applications that are accessible
to the user running the untrusted application or applet.
* JDK and JRE 6 Update 1 or earlier
* JDK and JRE 5.0 Update 13 or earlier (