12 Dec 2011
Sun Java JRE 1.6.x / 6.x
This covers various vulnerabilities where it is possible for malicious users or people to impersonate other users or systems.
Francisco Amato has reported a vulnerability in Oracle Java, which can be exploited by malicious people to conduct spoofing attacks.
The vulnerability is caused due to the "Java Update" mechanism insecurely validating new updates and can be exploited to e.g. spoof an update via Man-in-the-Middle (MitM) attacks.
This is related to vulnerability #12:
The vulnerability is reported in versions 220.127.116.11 and prior.
Do not use the "Java Update" utility.
Francisco Amato, Infobyte Security Research.
Infobyte Security Research: