Oracle Java SE and Java for Business CVE-2010-3571 ICC Profile Vulnerability
Oracle Java SE and Java for Business are prone to a remote vulnerability in the color profile parser.
The vulnerability can be exploited by a malicious Web page via a malformed ICC profile. A successful exploit will let the attacker execute arbitrary code with the privileges of the currently logged in user.
This vulnerability affects the following supported versions:
6 Update 21, 5.0 Update 25, 1.4.2_27, 1.3.1_28