Sun has released a patch for a bug in its zlib compression library, which may allow malicious code to corrupt memory and possibly crash the Java Runtime environment.
The full and custom installations of Netscape 7 for Linux and the full and custom installations of Netscape 6 for Linux and Windows are affected since they include an affected version of the Java Runtime Environment. The default Java runtime environment of Netscape 7 for Windows is not affected, nor is the default Java runtime environment of Netscape(TM) Communicator version 4.x. The Microsoft VM is not affected.
The Sun security bulletin and patch are available here.