Sun on Wednesday issued eight bulletins to cover 13 vulnerabilities. The bugs reside in Java Runtime Environment (JRE), Web Start, Management Extensions, Development Kit (JDK), according to a US-CERT advisory.
Tracking firm Secunia rated the flaws "highly critical" and said they could be remotely exploited to compromise a vulnerable system.
One of the fixes corrects an implementation problem that allows applets to run on older releases of JRE, which could expose users to older security flaws.
Meanwhile, Apple on Thursday plugged six holes in Apple TV, a network device that permits Mac OS X users to play computer content on a television.
All six vulnerabilities could be exploited to execute arbitrary code, according to an Apple advisory.