A vulnerability in the IBM implementation of the Java Virtual Machine was reported that may, under very limited circumstances, allow untrusted code running under a security manager to escalate its privileges. External Reference: https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2014
IBM security bulletin covering this issue: http://www-01.ibm.com/support/docview.wss?uid=swg21680334 IBM indicates that the issue was fixed in IBM JDK versions 5.0 SR16-FP7, 6 SR16-FP1, 7 SR7-FP1, and 7R1 SR1-FP1. The following errata updated IBM JDK shipped with Red Hat products to the fixed versions. Supplementary for Red Hat Enterprise Linux 5 Supplementary for Red Hat Enterprise Linux 6 Via RHSA-2014:1041 https://rhn.redhat.com/errata/RHSA-2014-1041.html Supplementary for Red Hat Enterprise Linux 7 Via RHSA-2014:1042 https://rhn.redhat.com/errata/RHSA-2014-1042.html Supplementary for Red Hat Enterprise Linux 5 Supplementary for Red Hat Enterprise Linux 6 Via RHSA-2014:1036 https://rhn.redhat.com/errata/RHSA-2014-1036.html Supplementary for Red Hat Enterprise Linux 5 Supplementary for Red Hat Enterprise Linux 6 Via RHSA-2014:1033 https://rhn.redhat.com/errata/RHSA-2014-1033.html Red Hat Satellite Server v 5.6 Via RHSA-2015:0264 https://rhn.redhat.com/errata/RHSA-2015-0264.html