Apple releases Java for Mac OS X 10.5 Update 5

Java for Mac OS X 10.5 Update 5 delivers improved reliability, security, and compatibility for Java SE 6, J2SE 5.0 and J2SE 1.4.2 on Mac OS X 10.5.8 and later.

This release updates Java SE 6 to version 1.6.0_15, J2SE 5.0 to version 1.5.0_20, and J2SE 1.4.2 to 1.4.2_22.

Multiple vulnerabilities in Java 1.6.0_13
Multiple vulnerabilities exist in Java 1.6.0_13, the most serious of which may allow an untrusted Java applet to obtain elevated privileges. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_15.

Multiple vulnerabilities in Java 1.5.0_19
Multiple vulnerabilities exist in Java 1.5.0_19, the most serious of which may allow an untrusted Java applet to obtain elevated privileges. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.5.0_20.

Multiple vulnerabilities in Java 1.4.2_21
Multiple vulnerabilities exist in Java 1.4.2_21, the most serious of which may allow an untrusted Java applet to obtain elevated privileges. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.4.2_22.

Launching a maliciously crafted Java Web Start application may lead to an unexpected application termination or arbitrary code execution
A stack buffer overflow exists in Java Web Start command launcher. Launching a maliciously crafted Java Web Start
application may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking.

The update is available for download here.