Secunia Research has discovered a vulnerability in Sun Java JDK/JRE, which can be exploited by malicious people to compromise a user’s system. The vulnerability is caused by a sign-extension error when parsing the length of a resource name in a Soundbank file and can be exploited to cause a stack-based buffer overflow. Successful exploitation may allow execution of arbitrary code. Sun Java JDK/JRE 1.6 Update 17 is affected.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/87895/secunia-jdkjresrn.txt
Source: https://packetstormsecurity.com/files/87895/Sun-Java-JDK-JRE-Soundbank-Resource-Name-Buffer-Overflow.html