Once again a zero day vulnerability exploit is sold by cyber criminals in the underground. Once again the flaw is related to Oracle’s Java software that could allow to gain remote control over victim’s machine. The seller is expecting a conspicuous gain at “five digits”, and claims seem to be in line with the actual market price for a similar vulnerability. Java JRE is multi-platform application and that today Java component is installed on the majority of web site. The vulnerability is a component of Java that handles audio input and output.
Source: https://thehackernews.com/2012/11/java-zero-day-exploit-sold-in.html