Oracle Java SE 6u85, 7u71 and 8u25 fixes an unspecified vulnerability in the Deployment component (CVE-2014-6466). Upstream has CVSSv2 scored this issue as: 6.9/AV:L/AC:M/Au:N/C:C/I:C/A:C External Reference: http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixJAVA
Oracle CPU has the following note for this issue: Applies to client deployment of Java on Internet Explorer only. Hence this is not applicable to Oracle JDK on Linux.