Apple has released a Java update for the following products to address multiple vulnerabilities:
- OS X v10.6.8
- OS X server v10.6.8
- OS X Lion v10.7.3
- Lion Server v10.7.3
These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or disclose sensitive information.
US-CERT encourages users and administrators to review Apple article HT5228 and apply any necessary updates to help mitigate the risks.
Additional information regarding CVE-2011-5035 can be found in the US-CERT Vulnerability Note VU#903934.
This product is provided subject to the Notification as indicated here: http://www.us-cert.gov/legal.html#notify