The Java Runtime Environment (JRE) with Sun JDK and JRE 6 Update 10 and
earlier, JDK and JRE 5.0 Update 16 and earlier, SDK and JRE 1.4.2_18
and earlier as well as SDK and JRE 1.3.1_23 and earlier allows code
that is loaded from a local filesystem to read arbitrary files and make
unauthorized connections to localhost.