|CVSS SCORE||7.6, (AV:N/AC:H/Au:N/C:C/I:C/A:C)|
The specific flaw exists within the javax.sound.midi.Sequence class. The issue lies in the ability to create an event listener that is run in a privileged context. An attacker can leverage this to execute code under the context of the current process.
Oracle has issued an update to correct this vulnerability. More details can be found at: