A vulnerability in the Java Runtime Environment relating to scripting language support may allow an untrusted applet or application to elevate its privileges. For example, an untrusted applet may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted applet. A second vulnerability in the Java Runtime Environment relating to scripting language support may allow an untrusted applet to access information from another applet.
This issue has been addressed via: RHEL Supplementary version 5 (RHSA-2008:0594 (java-1.6.0-sun) and RHSA-2008:0906 (java-1.6.0-ibm)) Red Hat Enterprise Linux version 4 Extras (RHSA-2008:0906)