http://www.securityfocus.com/archive/1/534161/100/0/threaded [No Types Assigned]

http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded [No Types Assigned]

https://access.redhat.com/errata/RHSA-2014:0414 [No Types Assigned]

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16887 [No Types Assigned]

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19565 [No Types Assigned]

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19582 [No Types Assigned]

http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:16887 [No Types Assigned]

http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:19582 [No Types Assigned]

http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:19565 [No Types Assigned]

http://www.securityfocus.com/bid/60645 [No Types Assigned]

Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE 7 Update 21 y versiones anteriores y 6 Update 45 y versiones anteriores; el componente Oracle JRockit en Oracle Fusion Middleware R27.7.5 y versiones anteriores y R28.2.7 y versiones anteriores; y OpenJDK 7 permite a atacantes remotos afectar a la confidencialidad, la integridad y la disponibilidad a través de vectores desconocidos relacionados con Libraries. NOTA: la información anterior es de la CP

Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE 7 Update 21 y anteriores y 6 Update 45 y anteriores permite a atacantes remotos afectar a la integridad, confidencialidad y disponibilidad mediante vectores relacionados con Libraries.

Configuration 1
     OR
          *cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*
          *cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*
          *cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*
          *cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*
          *cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*
          *cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*
          *cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*
          *cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*
          *cpe:2.3

Configuration 1
     OR
          *cpe:2.3:a:oracle:jdk:1.6.0:update_38:*:*:*:*:*:*
          *cpe:2.3:a:oracle:jdk:1.6.0:update_37:*:*:*:*:*:*
          *cpe:2.3:a:oracle:jdk:1.6.0:update_35:*:*:*:*:*:*
          *cpe:2.3:a:oracle:jdk:1.6.0:update_34:*:*:*:*:*:*
          *cpe:2.3:a:oracle:jdk:1.6.0:update_33:*:*:*:*:*:*
          *cpe:2.3:a:oracle:jdk:1.6.0:update_32:*:*:*:*:*:*
          *cpe:2.3:a:oracle:jdk:1.6.0:update_31:*:*:*:*:*:*
          *cpe:2.3:a:oracle:jdk:1.6.0:update_30:*:*:*:*:

Per: http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html

'Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service.'

Per: http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html

'Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service.'

http://seclists.org/fulldisclosure/2014/Dec/23

http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded

http://www.vmware.com/security/advisories/VMSA-2014-0012.html