icedtea-web: multiple issues

CVE-2015-5234 unexpected permanent authorization of unsigned applets It was discovered that IcedTea-Web did not properly sanitize applet URLs when storing applet trust settings. A malicious web page could use this flaw to inject trust-settings configuration, and cause applets to be executed...

Mac OS X v10.0.x J2SE v1.3 clipboard tapping vulnerability

Java runtime J2SE for Mac OS X v10.0.x has a security hole. It seems to have been fixed in Mac OS X v10.1. http://www.apple.com/support/security/securityupdates.html Security updates are listed below according to the software release in which they first appeared: Mac OS X v10.1 o system clipboard...