CVE-2014-6527

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 7u67 through 8u20

Description The issue allows remote attackers to affect the integrity of data via unknown vectors related to the Deployment component. It is estimated that a significant number of devices worldwide may be potentially affected, although the exact number is not specified. There is no information provided about real-world incidents where this issue was exploited.

Recommendations For Oracle Java SE versions 7u67 through 8u20, update to a version that contains the fix for this issue, as specified in Oracle's October 2014 Critical Patch Update Advisory. As a temporary workaround, consider restricting access to the Deployment component until a patch is available.