An off-by-one flaw was found in ZIP reading code used by ZipFile class. A specially-crafted zip file could cause java program to crash when opened.
External Reference: http://www.oracle.com/technetwork/topics/security/javacpufeb2012-366318.html
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2012:0135 https://rhn.redhat.com/errata/RHSA-2012-0135.html
Patches were applied in following IcedTea versions: * IcedTea6 1.8.13 (based on OpenJDK6 b18) * IcedTea6 1.9.13 (based on OpenJDK6 b20) * IcedTea6 1.10.6 (based on OpenJDK6 b22) * IcedTea6 1.11.1 (based on OpenJDK6 b24) * IcedTea 2.0.1 (based on OpenJDK7 u1 + u3 security patches) http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-February/017249.html http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-February/017233.html Patch: http://icedtea.classpath.org/hg/release/icedtea6-1.10/file/4e7a700d4ecc/patches/security/20120214/7118283.patch
PRE-CERT Security Advisory security advisory for this issue: http://seclists.org/fulldisclosure/2012/Feb/260 http://www.pre-cert.de/advisories/PRE-SA-2012-01.txt
This issue has been addressed in following products: Extras for RHEL 4 Supplementary for Red Hat Enterprise Linux 5 Supplementary for Red Hat Enterprise Linux 6 Via RHSA-2012:0139 https://rhn.redhat.com/errata/RHSA-2012-0139.html
This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2012:0322 https://rhn.redhat.com/errata/RHSA-2012-0322.html
This issue has been addressed in following products: Supplementary for Red Hat Enterprise Linux 5 Supplementary for Red Hat Enterprise Linux 6 Via RHSA-2012:0508 https://rhn.redhat.com/errata/RHSA-2012-0508.html
This issue has been addressed in following products: Supplementary for Red Hat Enterprise Linux 5 Supplementary for Red Hat Enterprise Linux 6 Via RHSA-2012:0514 https://rhn.redhat.com/errata/RHSA-2012-0514.html
This issue has been addressed in following products: Red Hat Network Satellite Server v 5.4 Via RHSA-2013:1455 https://rhn.redhat.com/errata/RHSA-2013-1455.html