http://www.java.com/ja/ も既に推奨 Version 6 Update 11 となっています。
全オペレーティングシステムの Java のダウンロード一覧
Sun Java JDK / JRE Multiple Vulnerabilities - Secunia Advisory:SA32991
Critical: Highly critical
Impact: Security Bypass
Exposure of system information
Exposure of sensitive information
Where: From remote
Solution Status: Vendor Patch
Some vulnerabilities have been reported in Sun Java, which can be exploited by malicious people to bypass certain security restrictions, disclose sensitive information, cause a DoS (Denial of service), or compromise a vulnerable system.
2) Multiple errors in the JRE image processing implementation can be exploited to cause buffer overflows.
3) Multiple errors in the JRE when processing GIF images can be exploited to cause buffer overflows.
4) Multiple errors in the JRE when processing fonts can be exploited to cause buffer overflows.
5) An error in the JRE can be exploited to establish network connections to arbitrary hosts.
6) An error when launching Java Web Start applications can be exploited by an untrusted application to e.g. read, write, or execute local files with the privileges of the user running the application.
8) An error in Java Web Start can be exploited to perform restricted actions (e.g. modify system properties).
10) An error in the JRE applet class loading functionality can be exploited to read arbitrary files and establish network connections to arbitrary hosts.
11) An error in the Java Web Start BasicService can be exploited to open arbitrary local files in the user's browser.
12) The problem is that the "Java Update" mechanism does not check the digital signature of the downloaded update package. This be exploited to execute arbitrary code via e.g. a MitM (Man-in-the-Middle) or DNS spoofing attack.
13) A boundary error can be exploited by an untrusted Java application that is launched through the command line to cause a buffer overflow.
14) An error when deserializing calendar objects can be exploited by an untrusted Java applet to e.g. read, write, or execute local files.
15) An error in the JRE when unpacking applets can be exploited to cause a buffer overflow.
16) The UTF-8 decoder accepts encodings longer than the "shortest" form. This can potentially be exploited to trick applications using the decoder into accepting invalid sequences and e.g. disclose sensitive information via specially crafted URIs.
17) An error in the JRE can be exploited to list the contents of the user's home directory.
18) An error when processing RSA public keys can be exploited to consume large amounts of CPU.
19) An error in the JRE Kerberos authentication mechanism can be exploited to potentially exhaust operating system resources.
21) An error when processing ZIP files can be exploited to disclose arbitrary memory locations from the host process.
22) An error can be exploited by malicious code loaded from the local filesystem to gain network access to the local host.