According to this report by Landon Fuller, the Java that ships with Mac OS X contains a vulnerability that allows any website to excecute code on your Macintosh via Java.
This is a fairly serious issue and so I am recommending you disable Java.
For Safari users:
- Open Preferences under the Safari menu
- Click the Security settings icon
- Uncheck “Enable Java”
If you need Java for a particular site that you trust, you can enable it, use the site, then disable it again.
This will affect those who use Yahoo! Games, etc, but it is a very serious security issue.