Apple has issued an update for Java for Mac OS X. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, manipulate certain data, disclose potentially sensitive information, cause a DoS (Denial of Service), or to compromise a user's system.

For more information:
SA34451
SA37255
SA39260

1) An error in the handling of mediaLibImage objects can be exploited to cause an out-of-bounds memory access and potentially execute arbitrary code when a user e.g. visits a web page containing a specially crafted Java applet.

2) A signedness error when drawing windows can be exploited to corrupt memory and potentially execute arbitrary code when a user e.g. visits a web page containing a specially crafted Java applet.

Solution
Apply updates.
Further details available in Customer Area

Provided and/or discovered by
1) The vendor credits Marc Schoenefeld, University of Bamberg.
2) The vendor credits Jonathan Bringhurst of Northrop Grumman, and Jeffrey Czerniak.

Original Advisory
Apple:
http://support.apple.com/kb/HT4170
http://support.apple.com/kb/HT4171

Other references
Further details available in Customer Area

Deep Links
Links available in Customer Area