Secunia Research has discovered a vulnerability in Sun Java JDK/JRE, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a sign-extension error when parsing the length of a resource in a Soundbank file and can be exploited to cause a heap-based buffer overflow. Successful exploitation may allow execution of arbitrary code. Sun Java JDK/JRE 1.6 Update 17 is affected.
7d87820c079f661519dec2809651c7e5860de57169dceabbdc743b7267772403