It was discovered that the Hotspot component in OpenJDK did not properly verify bytecode from the class files. An untrusted Java application or applet could possibly use these flaws to bypass Java sandbox restrictions.
marc.info/?l=bugtraq&m=140852886808946&w=2
marc.info/?l=bugtraq&m=140852974709252&w=2
seclists.org/fulldisclosure/2014/Dec/23
secunia.com/advisories/60129
secunia.com/advisories/60245
secunia.com/advisories/60485
secunia.com/advisories/60812
security.gentoo.org/glsa/glsa-201502-12.xml
www.debian.org/security/2014/dsa-2980
www.debian.org/security/2014/dsa-2987
www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
www.securityfocus.com/archive/1/534161/100/0/threaded
www.securityfocus.com/bid/68562
www.securitytracker.com/id/1030577
www.vmware.com/security/advisories/VMSA-2014-0012.html
access.redhat.com/errata/RHSA-2014:0902
access.redhat.com/errata/RHSA-2014:0908
access.redhat.com/security/updates/classification/#critical
exchange.xforce.ibmcloud.com/vulnerabilities/94591
rhn.redhat.com/errata/RHSA-2014-0889.html