http://www.metasploit.com/modules/exploit/multi/browser/java_jre17_exec
I am using fully updated Java:
When I tried it at first, the exploit hung:
But I found the problem--the default TARGET is 0 (Generic Java Payload) and to make it work, you need TARGET 1 - Windows. So before starting the exploit, do this:
set TARGET 1
And it works like a charm :)
--Sam Bowne, first written 9:07 am, 8-28-12; revised 9:55 am