Sun Java Updates

Two vulnerabilities in the Java Runtime Environment have been announced. These may allow an applet to gain elevated privileges and could allow for the execution of arbitrary code. The affected releases are:

JDK and JRE 6 Update 1 and earlier
JDK and JRE 5.0 Update 13 and earlier

We recommend that you update your systems. The original advisory is at:

Sun Java Identity Manager Vulnerabilities

Sun released two advisories today. The first details Coss-Site Scripting vulnerabilites in Sun Java System Identity Manager. They consist of input validation errors in the parameters “cntry” and “lang” of /idm/login.jsp, the “resultsForm” parameter of /idm/account/findForSelect.jsp and the “helpUrl” parameter of /idm/help/index.jsp. The original advisory can be found at:

The second involves