An integer overflow flaw was found in the way the JRE processes JPEG images. An untrusted application could use this flaw to extend its privileges, allowing it to read and write local files, as well as to execute local applications with the privileges of the user running the application. http://sunsolve.sun.com/search/document.do?assetkey=1-21-125139-16-1
This issue has been addressed in following products: Extras for RHEL 4 Extras for Red Hat Enterprise Linux 5 Via RHSA-2009:1200 https://rhn.redhat.com/errata/RHSA-2009-1200.html
This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2009:1201 https://rhn.redhat.com/errata/RHSA-2009-1201.html
java-1.6.0-openjdk-1.6.0.0-27.b16.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report.
java-1.6.0-openjdk-1.6.0.0-20.b16.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report.
This issue has been addressed in following products: Extras for RHEL 4 Extras for Red Hat Enterprise Linux 5 Via RHSA-2009:1582 https://rhn.redhat.com/errata/RHSA-2009-1582.html
This issue has been addressed in following products: Red Hat Network Satellite Server v 5.3 Via RHSA-2010:0043 https://rhn.redhat.com/errata/RHSA-2010-0043.html