Scientific Linux Security Update : java-1.6.0-sun on SL5.x i386/x86_64
Critical Nessus Plugin ID 62071
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionThese vulnerabilities may be remotely exploitable without authentication, i.e., they may be exploited over a network without the need for a username and password. To be successfully exploited, an unsuspecting user running an affected release in a browser will need to visit a malicious web page that leverages this vulnerability.
Successful exploits can impact the availability, integrity, and confidentiality of the user's system.
In addition, this Security Alert includes a security-in-depth fix in the AWT subcomponent of the Java Runtime Environment.
Due to the severity of these vulnerabilities, the public disclosure of technical details and the reported exploitation of CVE-2012-4681 'in the wild,' we strongly recommend that you apply the updates as soon as possible.
SolutionUpdate the affected java-1.6.0-sun-compat and / or jdk packages.