There has been a fair amount of discussion in the past couple months about the Java JRE/JDK CVE-2010-4476 security exposure with floating point conversion. Generally speaking, it's pretty unlikely that you would encounter this issue, but to be safe applying patches to your systems is the prudent thing to do.
Here are a couple tech notes recently published that specifically discuss the JREs included with the InfoSphere Warehouse to help you close the security exposure.
InfoSphere Warehouse 9.7:
InfoSphere Warehouse 9.5: