Sun has released updates for Java SE. These updates address multiple vulnerabilities in Java Web Start, Java JDK, Java JRE and Java SDK. These vulnerabilities may allow a remote attacker to execute arbitrary code, bypass security restrictions or cause a denial-of-service condition.

US-CERT encourages users to review the following Sun Alerts and apply any necessary updates:

• Sun Alert 233321 - Two Security Vulnerabilities in the Java Runtime Environment Virtual Machine
• Sun Alert 233322 - Security Vulnerability in the Java Runtime Environment with the Processing of XSLT Transformations
• Sun Alert 233323 - Multiple Security Vulnerabilities in Java Web Start May Allow an Untrusted Application to Elevate Privileges
• Sun Alert 233324 - A Security Vulnerability in the Java Plug-in May Allow an Untrusted Applet to Elevate Privileges
• Sun Alert 233325 - Vulnerabilities in the Java Runtime Environment image Parsing Library
• Sun Alert 233326 - Security Vulnerability in the Java Runtime Environment May Allow Untrusted JavaScript Code to Elevate Privileges through Java APIs
• Sun Alert 233327 - Buffer Overflow Vulnerability in Java Web Start May Allow an Untrusted Application to Elevate its Privileges