A new Metasploit module for the Java 7u17 sandbox bypass emerged
All versions of Java SE-7 (including the recently released 1.7.0_21-b11)
Java issues are being exploited in the wild by exploit kits, with Cool and Redkit specifically being known to use these bugs, and others likely to follow shortly.
It can be used to achieve a complete Java security sandbox bypass on a target system.
Manipulation of data
Vendor recommends patch systems immediately