0 Replies - 9346 Views - Last Post: 01 February 2013 - 07:55 PM

#1 macosxnerd101  Icon User is online

  • Self-Trained Economist
  • member icon




Reputation: 10364
  • View blog
  • Posts: 38,385
  • Joined: 27-December 08

Java Critical Patch Update- February 2013

Post icon  Posted 01 February 2013 - 07:55 PM

Quote

This Critical Patch Update contains 50 new security fixes for Oracle Java SE. 49 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password. The English text form of this Risk Matrix can be found here.

The CVSS scores below assume that a user running a Java applet or Java Web Start application has administrator privileges (typical on Windows). When the user does not run with administrator privileges (typical on Solaris and Linux), the corresponding CVSS impact scores for Confidentiality, Integrity, and Availability are "Partial" instead of "Complete", lowering the CVSS Base Score. For example, a Base Score of 10.0 becomes 7.5.

For issues in Deployment, fixes are only made available for JDK and JRE 7 and 6. Users should use the default Java Plug-in and Java Web Start in the latest JDK and JRE 7 or 6 releases.


http://www.oracle.co...13-1841061.html

Is This A Good Question/Topic? 0
  • +

Page 1 of 1