"Oracle Java SE and Java for Business are prone to a remote code-execution vulnerability affecting the 'Sound' component.
Successful exploits may allow an attacker to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition."
Descritpion - http://www.securityfocus.com/bid/39077/discuss
PoC exploit code - http://www.securityfocus.com/bid/39077/exploit
List of affected versions - http://www.securityfocus.com/bid/39077/info
email: david @ sharpesecurity.com