OpenJDK 7 could be made to crash or run programs as your login if it opened a specially crafted Java applet.
It was discovered that OpenJDK 7’s security mechanism could be bypassed via Java applets. If a user were tricked into opening a malicious website, a remote attacker could exploit this to perform arbitrary code execution as the user invoking the program.
16 January 2013
A security issue affects these releases of Ubuntu and its derivatives:
OpenJDK 7 could be made to crash or run programs as your login if it opened a specially crafted Java applet.
It was discovered that OpenJDK 7’s security mechanism could be bypassed via Java applets. If a user were tricked into opening a malicious website, a remote attacker could exploit this to perform arbitrary code execution as the user invoking the program.
The problem can be corrected by updating your system to the following package versions:
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
After a standard system update you need to restart your browser to make all the necessary changes.