iDefense Security Advisory 03.25.09 – Remote exploitation of a heap corruption vulnerability in Sun Microsystems Inc.’s Java JRE could allow an attacker to execute arbitrary code with the privileges of the current user. Values from the GIF file are used to calculate an offset to store data in a dynamic heap buffer. These values are not validated before use, which allows an attacker to store controlled data outside of the bounds of the allocated buffer. This leads to corruption of object pointers, which can be leveraged to execute arbitrary code. iDefense has confirmed the existence of this vulnerability in Java JRE version 1.6_11. Previous versions may also be affected.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/76131/03.25.09-3.txt
Source: https://packetstormsecurity.com/files/76131/iDEFENSE-Security-Advisory-2009-03-25.3.html