0 Replies - 9808 Views - Last Post: 01 February 2013 - 07:55 PM

#1 macosxnerd101   User is offline

  • Games, Graphs, and Auctions
  • member icon

Reputation: 12765
  • View blog
  • Posts: 45,948
  • Joined: 27-December 08

Java Critical Patch Update- February 2013

Post icon  Posted 01 February 2013 - 07:55 PM


This Critical Patch Update contains 50 new security fixes for Oracle Java SE. 49 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password. The English text form of this Risk Matrix can be found here.

The CVSS scores below assume that a user running a Java applet or Java Web Start application has administrator privileges (typical on Windows). When the user does not run with administrator privileges (typical on Solaris and Linux), the corresponding CVSS impact scores for Confidentiality, Integrity, and Availability are "Partial" instead of "Complete", lowering the CVSS Base Score. For example, a Base Score of 10.0 becomes 7.5.

For issues in Deployment, fixes are only made available for JDK and JRE 7 and 6. Users should use the default Java Plug-in and Java Web Start in the latest JDK and JRE 7 or 6 releases.


Is This A Good Question/Topic? 0
  • +

Page 1 of 1