The Java Runtime Environment (JRE) 6 update 6 and earlier as well as
5.0 update 15 and earlier suffer from two vulnerabilities. The first
vulnerability allows unauthorized access to certain URL resources and
has the potential to create a denial of service condition for systems
running the JRE. The second allows an untrusted applet or application
to access certain URL resources as well.