Oracle · Java For Macos X · CVE-2009-2843
**Name of the Vulnerable Software and Affected Versions**
Java for Mac OS X version 10.5 before Update 6
Java for Mac OS X version 10.6 before Update 1
**Description**
The issue allows remote attackers to execute arbitrary code via an applet, as it accepts expired certificates.
**Recommendations**
For Java for Mac OS X version 10.5 before Update 6, update to Update 6 or later.
For Java for Mac OS X version 10.6 before Update 1, update to Update 1 or later.