About the security content of Java for OS X 2012-005 and Java for Mac OS X 10.6 Update 10

Learn about the security content of Java for OS X 2012-005 and Java for Mac OS X 10.6 Update 10.

Java for OS X 2012-005 and Java for Mac OS X 10.6 Update 10

  • Java

    Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later

    Description: An opportunity for security-in-depth hardening is addressed by updating to Java version 1.6.0_35. Further information is available via the Java website at http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html

    CVE-ID

    CVE-2012-0547

  • Java

    Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later

    Impact: Visiting a maliciously crafted website with Java enabled may lead to arbitrary code execution

    Description: A privilege escalation issue existed in the JAI API. An unsigned applet may have been able to execute arbitrary code. This issue was addressed by preventing the JAI and J3D APIs from being used by unsigned applets.

    CVE-ID

    CVE-2012-3717 : Adam Gowdiak of Security Explorations

Information about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. Risks are inherent in the use of the Internet. Contact the vendor for additional information.

Last Modified:
Helpful?

Additional Product Support Information

Start a Discussion

in Apple Support Communities
See all questions on this article See all questions I have asked
United States (English)