The IntegerInterleavedRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a signed integer overflow that allows bypassing of “dataOffsets[0]” boundary checks. This vulnerability allows for remote code execution.
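The bug class named above, shown as an added illustration that is not the JDK's code and not taken from the advisory: a buffer bounds check computed in wrapping 32-bit signed arithmetic, next to an overflow-checked form. The class, method and parameter names and the sample geometry are assumptions made for this example.

```java
// Added illustration of a signed-overflow bounds-check bypass; not the JDK source.
// All names and values here are hypothetical. Requires Java 8+ (Math.*Exact).
public class RasterBoundsDemo {

    // Weak form: the highest index is computed with wrapping int arithmetic,
    // so a large stride can wrap the sum negative and the comparison passes.
    static boolean naiveFits(int dataLength, int width, int height,
                             int scanlineStride, int pixelStride, int offset) {
        int lastIndex = (height - 1) * scanlineStride + (width - 1) * pixelStride + offset;
        return lastIndex < dataLength;
    }

    // Hardened form: reject non-positive sizes and negative strides/offsets, then
    // use exact arithmetic so overflow raises ArithmeticException instead of wrapping.
    static boolean checkedFits(int dataLength, int width, int height,
                               int scanlineStride, int pixelStride, int offset) {
        if (width <= 0 || height <= 0 || scanlineStride < 0
                || pixelStride < 0 || offset < 0) {
            return false;
        }
        try {
            int rows = Math.multiplyExact(height - 1, scanlineStride);
            int cols = Math.multiplyExact(width - 1, pixelStride);
            int lastIndex = Math.addExact(Math.addExact(rows, cols), offset);
            return lastIndex < dataLength;
        } catch (ArithmeticException overflow) {
            return false; // index is not representable as an int, so it cannot fit
        }
    }

    public static void main(String[] args) {
        int dataLength = 16; // constructed sample: 16-element backing array
        // Constructed benign geometry: 4x4 pixels, stride 4, last index 15.
        System.out.println("benign naive:   " + naiveFits(dataLength, 4, 4, 4, 1, 0));
        System.out.println("benign checked: " + checkedFits(dataLength, 4, 4, 4, 1, 0));
        // Constructed oversized geometry: (3 - 1) * 2^30 = 2^31 wraps to a negative int.
        int hugeStride = 1 << 30;
        System.out.println("huge naive:     " + naiveFits(dataLength, 1, 3, hugeStride, 1, 0));
        System.out.println("huge checked:   " + checkedFits(dataLength, 1, 3, hugeStride, 1, 0));
    }
}
```

The two forms agree on the benign geometry and differ only on the oversized one, where the wrapped index passes the naive comparison and the checked form rejects it.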
Go here to read the rest:
Packet Storm Advisory 2013-0813-1 – Oracle Java IntegerInterleavedRaster.verify()