Java vulnerability hunters claim to have found a new vulnerability that affects latest desktop and server versions of Java 7. The flaw is located in Java’s Reflection API component and can be used to bypass the Java security sandbox and execute arbitrary code on computers, the researcher says. Java 7 Update 21 that was released by Oracle last Tuesday and the new Server JRE package released at the same time. Oracle says Java vulnerabilities can also be exploited on server deployments by supplying malicious input to APIs (application programming interfaces) in vulnerable components.”]