|Unspecified vulnerability in the Java Runtime Environment (JRE)
component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and
earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows
remote attackers to affect confidentiality, integrity, and
availability via vectors related to RMI. NOTE: the previous
information is from the April 2013 CPU. Oracle has not commented on
claims from another vendor that this issue is related to "missing
security restrictions" in the LogStream.setDefaultStream method.