04 Nov 2009
The IBM Java 6 JRE/SDK was updated to Service Release 6, fixing various bugs and security issues.
Following security issues were fixed:
CVE-2009-2676: A security vulnerability in the JNLPAppletLauncher might impact users of the Sun JDK and JRE. Non-current versions of the JNLPAppletLauncher might be re-purposed with an untrusted Java applet to write arbitrary files on the system of the user downloading and running the untrusted applet.
The JNLPAppletLauncher is a general purpose JNLP-based applet launcher class for deploying applets that use extension libraries containing native code...