Critical Patch Update

Security Fixes for Java SE and Java for Business

Jessica Thornsby

Oracle have announced a forthcoming Critical Patch Update for Java SE and Java for Business, which will fix 27 security vulnerabilities. All of these vulnerabilities may be remotely exploitable without authentication.

Security vulnerabilities addressed by this Critical Patch Update affect JDK and JRE 6 Update 18 and earlier; SDK and JRE 1.4.2_25 and earlier; and JDK and JRE 5.0 Update 23.

Vulnerabilities fixed by Critical Patch Updates are judged against the standard CVSS 2.0 scoring. The highest CVSS 2.0 base score for vulnerabilities in this Critical Patch Update, is 7.5.

comments powered by Disqus