Oracle Java contains a flaw related to the handling of applets. The issue is triggered because SunToolkit (part of sun.awt.* and packaged in rt.jar) provides a method that executes privileged operations and returns a reference to a Field object. The method can also call setAccessible(true) on the field, which disables the effect of a 'final' or 'private' directive on it. With a crafted applet, a context-dependent attacker can use this method to execute arbitrary code.
Loss of Integrity
Virus / Malware
Discovered in the Wild
Upgrade Java SE to version 7 Update 7 or higher, or to version 6 Update 35 or higher, as these releases have been reported to fix this vulnerability. It is also possible to limit the attack surface for the flaw by disabling Java in your browser.
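To check an inventory against the fix levels above, the following added example (not part of the original advisory) classifies collected `java -version` output. It assumes the legacy `1.<family>.0_<update>` version string; the host names and sample outputs are constructed, and families for which the advisory states no fix level are reported as unknown rather than guessed.

```python
import re

# Fix levels stated in the advisory: Java SE 7 Update 7 and Java SE 6 Update 35.
FIXED_UPDATE = {7: 7, 6: 35}

# Assumed legacy version string, e.g. 1.7.0_06 or 1.6.0_35 (family, optional update).
_VERSION_RE = re.compile(r'\b1\.(\d+)\.0(?:_(\d+))?')


def parse_java_version(text):
    """Return (family, update) parsed from `java -version` output, or None."""
    m = _VERSION_RE.search(text)
    if not m:
        return None
    # A string without an _NN suffix is the initial release (update 0).
    return int(m.group(1)), int(m.group(2) or 0)


def assess(text):
    """Classify output as 'fixed', 'needs-upgrade' or 'unknown'."""
    parsed = parse_java_version(text)
    if parsed is None:
        return "unknown"          # unparseable output: review by hand
    family, update = parsed
    if family not in FIXED_UPDATE:
        return "unknown"          # the advisory gives no fix level for this family
    return "fixed" if update >= FIXED_UPDATE[family] else "needs-upgrade"


# Constructed sample inventory: host name -> captured `java -version` output.
SAMPLES = {
    "host-a": 'java version "1.7.0_06"',
    "host-b": 'java version "1.7.0_07"',
    "host-c": 'java version "1.6.0_34"',
    "host-d": 'java version "1.6.0_35"',
    "host-e": 'java version "1.8.0_20"',
    "host-f": "java: command not found",
}


def audit(inventory):
    """Map each host to its classification."""
    return {host: assess(output) for host, output in inventory.items()}


if __name__ == "__main__":
    for host, status in sorted(audit(SAMPLES).items()):
        print(f"{host}: {status}")
```
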