Apple Mac OS X Java Plug-in 'file://' URL Handling Remote Code Execution Vulnerability

Apple Mac OS X Java Plug-in 'file://' URL Handling Remote Code Execution Vulnerability

Solution:
The vendor has released an update. Please see the references for more information.

Apple Mac OS X 10.5.4

Apple JavaForMacOSX10.5Update2.dmg
Java for Mac OS X 10.5 Update 2
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=21277&cat= 59&platform=osx&method=sa/JavaForMacOSX10.5Update2.dmg

Apple Mac OS X Server 10.5.4

Apple JavaForMacOSX10.5Update2.dmg
Java for Mac OS X 10.5 Update 2
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=21277&cat= 59&platform=osx&method=sa/JavaForMacOSX10.5Update2.dmg

Apple Mac OS X 10.5.5

Apple JavaForMacOSX10.5Update2.dmg
Java for Mac OS X 10.5 Update 2
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=21277&cat= 59&platform=osx&method=sa/JavaForMacOSX10.5Update2.dmg

Apple Mac OS X Server 10.5.5

Apple JavaForMacOSX10.5Update2.dmg
Java for Mac OS X 10.5 Update 2
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=21277&cat= 59&platform=osx&method=sa/JavaForMacOSX10.5Update2.dmg