|Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45;
Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect
confidentiality, integrity, and availability via vectors related to
CORBA. NOTE: the previous information is from the January 2014 CPU.
Oracle has not commented on third-party claims that the issue is
related to "insufficient security checks in IIOP streams," which
allows attackers to escape the sandbox.