A crash in ICU Opentype layout engine was caused by a miscalculation in
character counts for right-to-left text causing out-of-bounds memory access.
This could be misused by remote attackers to potentially execute code in the
context of the user running the java process. (CVE-2010-3567)
The CVSSv2 scored upstream is
cvss2=7.5/AV:N/AC:L/Au:N/C:P/I:P/A:P
Reference:
http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html