Synopsis: Important: java-1.6.0-sun Issue Date: 2012-09-04 CVE Numbers: CVE-2012-4681 These vulnerabilities may be remotely exploitable without authentication, i.e., they may be exploited over a network without the need for a username and password. To be successfully exploited, an unsuspecting user running an affected release in a browser will need to visit a malicious web page that leverages this vulnerability. Successful exploits can impact the availability, integrity, and confidentiality of the user's system. In addition, this Security Alert includes a security-in-depth fix in the AWT subcomponent of the Java Runtime Environment. Due to the severity of these vulnerabilities, the public disclosure of technical details and the reported exploitation of CVE-2012-4681 "in the wild," we strongly recommend that you apply the updates as soon as possible. SL5 x86_64 java-1.6.0-sun-compat-1.6.0.35-3.sl5.jpp.i586.rpm java-1.6.0-sun-compat-1.6.0.35-3.sl5.jpp.x86_64.rpm jdk-1.6.0_35-fcs.i586.rpm jdk-1.6.0_35-fcs.x86_64.rpm i386 java-1.6.0-sun-compat-1.6.0.35-3.sl5.jpp.i586.rpm jdk-1.6.0_35-fcs.i586.rpm