try this:

http://landonf.bikemonkey.org/static/moab-...5353/hello.html

funny, uh?
works fine with my ff and safari 4. opera seems to devliver it's own java-re, nothing happends with it here.

anyway, what this exploit does: it calls '/usr/bin/say' to do that sound output. it could be doing 'many different' things, of course ;)

well, and all of this, because apple is still behind of releasing a java update for osx and to us regular users. it has been seeded to developers some time ago but we (non-paying adc-peeps) are still waiting for it...

sun's closed these security holes a half year ago and even though it's still a drive-by-download 'feature', most users just 'will' click where told. sooner or later, this will become some serious problem if apple doesn't start caring about issues like these in a more apropriate time frame.

not too long ago, 'it-experts' all around the world recommended to disable active-x in the IE - now the same so called 'it-experts' yell for disabling java in OSX browsers. however, *lol*, they still recommend to disable java on other platforms just in case and anyway ;)

and for anyone interested, some dev info about the exploit

everyone capable of using a java compiler should be able to write custom exploits that simply work and actually do things ;)

a 'java update' that addresses this problem is now available to anyone through e.g. the software-update!

Solved?

yap.