CVE-2015-4734

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 6u101 through 8u60 Java SE Embedded version 8u51

Description The issue allows remote attackers to affect confidentiality via vectors related to JGSS. It is related to errors in the code of the JGSS subcomponent of the Java Platform. Exploitation of the issue may allow a remote attacker to gain read access to protected information using a Java Web Start application or a Java applet.

Recommendations For Oracle Java SE versions 6u101 through 8u60, update to a version that includes the fix for this issue. For Java SE Embedded version 8u51, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting the use of JGSS in Java applications until a patch is available.