VMware Security Advisory - Updated Tomcat and Java JRE packages have been made available for VMWare ESX 3.5. It is not a few updates either. Check out how many CVEs are covered. Judging by the CVE age, their turn around time on patching is quite sad.
bdca972198318dc99cbe922fcffca76537d29df7f9248d8962802a8c0051113f
Gentoo Linux Security Advisory GLSA 200804-20 - Multiple vulnerabilities have been identified in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE). Versions less than 1.6.0.05 are affected.
336ca6a967f2af444479d95fdc1e2091e65e778a9202ae7f90eb7a6d79f45707
HP Security Bulletin - Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities may allow remote unauthorized access.
901b575005153b95860b05640b68707f3a44368b6fc1b79cdcdd6e9459d4a552