Security Vulnerability CVE-2013-0443 in Oracle JDK
Supported versions that are affected are 7 Update 11 and before, 6 Update 38 and before, 5.0 Update 38 and before and 1.4.2_40 and before. Very difficult to exploit vulnerability allows successful unauthenticated network attacks via SSL/TLS. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java Runtime Environment accessible data as well as read access to a subset of Java Runtime Environment accessible data. Note: Applies to server deployments of JSSE.