The XSLT processor included with the Java Runtime Environment (JRE) may allow an untrusted applet to read data from another applet that is processed using the XSLT processor and may allow the untrusted applet to escalate privileges.
sdk and jre are affected of course
Affected : SDK and JRE 1.4.2_04 or earlier SDK and JRE 1.4.1_07 or earlier SDK and JRE 1.4.0_04 or earlier Unaffected : SDK and JRE 1.4.2_05 or later x86 or Java team: please mark sun-jdk-1.4.2_05 stable on x86 Java team: please remove affected versions.
done
Ready for a GLSA should we need one.
I vote for no GLSA on this one.
Closing without GLSA.
You were warned:)