Remote code execution possible. http://www.bit-tech.net/news/bits/2016/03/24/oracle-java-vulnerability/1
Separate names with a comma.