It was discovered that the 2D component did not properly process certain images. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions.
Public now via Oracle Java SE CPU April 2014: http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html Fixed in 7u21 and 6u45.
This issue has been addressed in the following products: Red Hat Enterprise Linux 5. Via RHSA-2013:0752: https://rhn.redhat.com/errata/RHSA-2013-0752.html
This issue has been addressed in the following products: Red Hat Enterprise Linux 6. Via RHSA-2013:0751: https://rhn.redhat.com/errata/RHSA-2013-0751.html
OpenJDK7 upstream repositories commit: http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/cf93d3828aa8
This issue has been addressed in the following products: Supplementary for Red Hat Enterprise Linux 6, Supplementary for Red Hat Enterprise Linux 5. Via RHSA-2013:0758: https://rhn.redhat.com/errata/RHSA-2013-0758.html
This issue has been addressed in the following products: Supplementary for Red Hat Enterprise Linux 5, Supplementary for Red Hat Enterprise Linux 6. Via RHSA-2013:0757: https://rhn.redhat.com/errata/RHSA-2013-0757.html
This issue has been addressed in the following products: Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6. Via RHSA-2013:0770: https://rhn.redhat.com/errata/RHSA-2013-0770.html
Fixed in IcedTea6 versions 1.11.10 and 1.12.5, and IcedTea7 version 2.3.9: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-April/022796.html http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-April/022890.html http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-April/022985.html
This issue has been addressed in the following products: Supplementary for Red Hat Enterprise Linux 5, Supplementary for Red Hat Enterprise Linux 6. Via RHSA-2013:0823: https://rhn.redhat.com/errata/RHSA-2013-0823.html
This issue has been addressed in the following products: Supplementary for Red Hat Enterprise Linux 5, Supplementary for Red Hat Enterprise Linux 6. Via RHSA-2013:0822: https://rhn.redhat.com/errata/RHSA-2013-0822.html
This issue has been addressed in the following products: Supplementary for Red Hat Enterprise Linux 5, Supplementary for Red Hat Enterprise Linux 6. Via RHSA-2013:0855: https://rhn.redhat.com/errata/RHSA-2013-0855.html
This issue has been addressed in the following products: Red Hat Network Satellite Server v 5.5. Via RHSA-2013:1456: https://rhn.redhat.com/errata/RHSA-2013-1456.html
This issue has been addressed in the following products: Red Hat Network Satellite Server v 5.4. Via RHSA-2013:1455: https://rhn.redhat.com/errata/RHSA-2013-1455.html