Description of problem:
Integer overflow in the embedded ICC profile image parser in Sun Java
Development Kit (JDK) before 1.5.0_11-b03, and 1.6.x before 1.6.0_01-b06, allows
remote attackers to execute arbitrary code or cause a denial of service (JVM
crash) via a crafted JPEG or BMP file.
The list of fixed products with their respective errata is here: