It was discovered that the protection of the SubjectDelegator class was insufficient. An untrusted Java application or applet could possibly use this flaw to disclose or modify data related to the class.
This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2014:0890 https://rhn.redhat.com/errata/RHSA-2014-0890.html
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 Via RHSA-2014:0889 https://rhn.redhat.com/errata/RHSA-2014-0889.html
Fixed now in Oracle Java SE 5u71, 6.0u81, 7.0u65, and 8.0u11 via Critical Patch Update July 2014. Fixed in IcedTea 1.13.4 for OpenJDK 6: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2014-July/028550.html Fixed in IcedTea 2.5.1 for OpenJDK 7: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2014-July/028584.html OpenJDK 6 Patch(es): http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/babf73f6c9b5 OpenJDK 7 Patch(es): http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/0367aad88a50 External reference: http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html#AppendixJAVA
This issue has been addressed in following products: Oracle Java for Red Hat Enterprise Linux 6 Oracle Java for Red Hat Enterprise Linux 7 Oracle Java for Red Hat Enterprise Linux 5 Via RHSA-2014:0902 https://rhn.redhat.com/errata/RHSA-2014-0902.html
This issue has been addressed in following products: Oracle Java for Red Hat Enterprise Linux 5 Oracle Java for Red Hat Enterprise Linux 6 Oracle Java for Red Hat Enterprise Linux 7 Via RHSA-2014:0908 https://rhn.redhat.com/errata/RHSA-2014-0908.html
This issue has been addressed in following products: Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 Via RHSA-2014:0907 https://rhn.redhat.com/errata/RHSA-2014-0907.html
This issue has been addressed in following products: Supplementary for Red Hat Enterprise Linux 5 Supplementary for Red Hat Enterprise Linux 6 Via RHSA-2014:1033 https://rhn.redhat.com/errata/RHSA-2014-1033.html
This issue has been addressed in following products: Supplementary for Red Hat Enterprise Linux 5 Supplementary for Red Hat Enterprise Linux 6 Via RHSA-2014:1036 https://rhn.redhat.com/errata/RHSA-2014-1036.html
This issue has been addressed in following products: Supplementary for Red Hat Enterprise Linux 7 Via RHSA-2014:1042 https://rhn.redhat.com/errata/RHSA-2014-1042.html
This issue has been addressed in following products: Supplementary for Red Hat Enterprise Linux 5 Supplementary for Red Hat Enterprise Linux 6 Via RHSA-2014:1041 https://rhn.redhat.com/errata/RHSA-2014-1041.html
This issue has been addressed in the following products: Red Hat Satellite Server v 5.6 Via RHSA-2015:0264 https://rhn.redhat.com/errata/RHSA-2015-0264.html