It was discovered that the Libraries component did not properly restrict the use of privileged annotations. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions.
This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2014:0890 https://rhn.redhat.com/errata/RHSA-2014-0890.html
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 Via RHSA-2014:0889 https://rhn.redhat.com/errata/RHSA-2014-0889.html
Fixed now in Oracle Java SE 7.0u65 via Critical Patch Update July 2014. Fixed in IcedTea 2.5.1 for OpenJDK 7: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2014-July/028584.html OpenJDK 7 Patch(es): http://hg.openjdk.java.net/jdk7u/jdk7u/hotspot/rev/848481af9003 External reference: http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html#AppendixJAVA
This issue has been addressed in following products: Oracle Java for Red Hat Enterprise Linux 6 Oracle Java for Red Hat Enterprise Linux 7 Oracle Java for Red Hat Enterprise Linux 5 Via RHSA-2014:0902 https://rhn.redhat.com/errata/RHSA-2014-0902.html