java is vulnerable to privilege escalation. The vulnerability exists as a flaw in the JRE with passing arrays to the X11GraphicsDevice API was found. An untrusted applet or application could use this flaw to access and modify the list of supported graphics configurations. This flaw could also lead to sensitive information being leaked to unprivileged code.
blogs.sun.com/security/entry/advance_notification_of_security_updates6
java.sun.com/j2se/1.5.0/ReleaseNotes.html
java.sun.com/javase/6/webnotes/6u17.html
secunia.com/advisories/37386
security.gentoo.org/glsa/glsa-200911-02.xml
www.mandriva.com/security/advisories?name=MDVSA-2010:084
www.redhat.com/security/updates/classification/#important
access.redhat.com/errata/RHSA-2009:1584
bugzilla.redhat.com/show_bug.cgi?id=530297
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7545
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9568