From CERT CA 96-17: Java bytecode verifier weakness:

"The CERT staff recommends disabling Java in Netscape Navigator and not using
Sun's appletviewer to browse applets from untrusted sources until patches are
available from these vendors.
As we receive additional information relating to this advisory, we will
place it in"
Later in the month, Daniel Abplanalp and Stephan Goldstein reported that Java applets run under Netscape Navigator on a wide variety of platforms can determine the pathname of the directory in which the Netscape Navigator was started; this is considered a privacy/security violation. On April 25, the NY Times reported that Windows 95 will soon include Java support with its regular distribution.