Java SE and Java SE Embedded are vulnerable to sandbox restrictions bypass. A remote, unauthenticated attacker could submit malicious input leading to the exploitation of the flawed RMI
component to gain elevated privileges. Successful attacks could result in takeover of Java SE and Java SE Embedded.
www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
www.securityfocus.com/bid/101319
www.securitytracker.com/id/1039596
access.redhat.com/errata/RHSA-2017:2998
access.redhat.com/errata/RHSA-2017:2999
access.redhat.com/errata/RHSA-2017:3046
access.redhat.com/errata/RHSA-2017:3047
access.redhat.com/errata/RHSA-2017:3264
access.redhat.com/errata/RHSA-2017:3267
access.redhat.com/errata/RHSA-2017:3268
access.redhat.com/errata/RHSA-2017:3392
access.redhat.com/errata/RHSA-2017:3453
access.redhat.com/security/updates/classification/#critical
developer.ibm.com/javasdk/support/security-vulnerabilities/
lists.debian.org/debian-lts-announce/2017/11/msg00033.html
security.gentoo.org/glsa/201710-31
security.gentoo.org/glsa/201711-14
security.netapp.com/advisory/ntap-20171019-0001/
www.debian.org/security/2017/dsa-4015
www.debian.org/security/2017/dsa-4048
www.synology.com/support/security/Synology_SA_17_66_OpenJDK