Secunia Research has discovered a vulnerability in Sun Java JDK/JRE, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a sign-extension error when parsing the length of a resource name in a Soundbank file and can be exploited to cause a stack-based buffer overflow. Successful exploitation may allow execution of arbitrary code. Sun Java JDK/JRE 1.6 Update 17 is affected.
8dec758bd05e09255310908caee81ca57294e5838db04bd1710b8f3a771dd7df