mmm...
Geeks who actually understand it tend to have their own sources, but there’s a fair amount of detail, like
http://blogs.cisco.com/security/new-java-vulnerability-being-exploited-in-the-wild/
...This Java vulnerability is due to improper security protections on built-in classes in the Java Runtime Environment.
An unsigned Java applet can use the setSecurityManager() function to bypass security checks and access an elevated security context.
There are a few allegations that the exploit for this new Java vulnerability (CVE-2013-0422) is very similar to the Java vulnerability reported late last year (CVE-2012-5088); however, it seems they are fairly different.
This article describes some of the technical details of the exploit...
The article I posted explains the relation between the two vulnerabilities. They added the AccessControlContext field to stop the first problem. When they released Java 1.7, it turned out that some of the new methods could be used to change the value of this field.