It was found that RMI Registry implementation in OpenJDK did not properly restrict access to some of its methods. A remote client able to connect to the RMI Registry could use this flaw to execute arbitrary code on the server running the registry.
External References: http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5 Via RHSA-2011:1380 https://rhn.redhat.com/errata/RHSA-2011-1380.html
This issue has been addressed in following products: Supplementary for Red Hat Enterprise Linux 6 Supplementary for Red Hat Enterprise Linux 5 Extras for RHEL 4 Via RHSA-2011:1384 https://rhn.redhat.com/errata/RHSA-2011-1384.html
java-1.6.0-openjdk-1.6.0.0-60.1.10.4.fc16 has been pushed to the Fedora 16 stable repository. If problems still persist, please make note of it in this bug report.
This issue has been addressed in following products: Supplementary for Red Hat Enterprise Linux 5 Extras for RHEL 4 Supplementary for Red Hat Enterprise Linux 6 Via RHSA-2011:1478 https://rhn.redhat.com/errata/RHSA-2011-1478.html
This issue has been addressed in following products: Extras for RHEL 4 Supplementary for Red Hat Enterprise Linux 5 Via RHSA-2012:0006 https://rhn.redhat.com/errata/RHSA-2012-0006.html
This issue has been addressed in following products: Supplementary for Red Hat Enterprise Linux 5 Extras for RHEL 4 Supplementary for Red Hat Enterprise Linux 6 Via RHSA-2012:0034 https://rhn.redhat.com/errata/RHSA-2012-0034.html
This issue has been addressed in following products: RHEL 4 for SAP RHEL 5 for SAP RHEL 6 for SAP Via RHSA-2012:0343 https://rhn.redhat.com/errata/RHSA-2012-0343.html
This issue has been addressed in following products: Red Hat Network Satellite Server v 5.4 Via RHSA-2013:1455 https://rhn.redhat.com/errata/RHSA-2013-1455.html