CVE-2015-4844

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 6u101, 7u85, and 8u60 Java SE Embedded version 8u51

Description The issue is related to errors in the 2D subcomponent code of the Java Platform. It allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. Exploitation of the vulnerability may enable a remote attacker to execute arbitrary code using a Java Web Start application or a Java applet.

Recommendations For Oracle Java SE versions 6u101, 7u85, and 8u60, update to a version that contains the fix for this issue. For Java SE Embedded version 8u51, update to a version that contains the fix for this issue. As a temporary workaround, consider restricting the use of Java Web Start applications and Java applets to minimize the risk of exploitation.