The flaws could be exploited by attackers to bypass security restrictions and escalate privileges to gain system access or launch DoS attacks, according to Secunia, which ranked the bugs “highly critical.”
The vulnerabilities are found in Java 1.4 and J2SE (Java Runtime Environment) 5.0, which allows users to run Java applications. The remaining vulnerability relates to an access flaw in Keychain, Apple's password management system.
Many Java developers have turned to the Mac platform. OS X is the only major consumer operating system to come packaged with a complete Java runtime and development environment, according to Apple.