JAX London 2014: A retrospective
Critical Patch Update

Security Fixes for Java SE and Java for Business

Jessica Thornsby

Oracle have announced a forthcoming Critical Patch Update for Java SE and Java for Business, which will fix 27 security vulnerabilities. All of these vulnerabilities may be remotely exploitable without authentication.

Security vulnerabilities addressed by this Critical Patch Update affect JDK and JRE 6 Update 18 and earlier; SDK and JRE 1.4.2_25 and earlier; and JDK and JRE 5.0 Update 23.

Vulnerabilities fixed by Critical Patch Updates are judged against the standard CVSS 2.0 scoring. The highest CVSS 2.0 base score for vulnerabilities in this Critical Patch Update, is 7.5.

Author
Comments
comments powered by Disqus