Oracle to Patch 36 Java Vulnerabilities with January 2014 CPU

Tens of Java vulnerabilities will be fixed with the January 2014 CPU

On Tuesday, Oracle will release its Critical Patch Update (CPU) for January 2014. A total of 144 security holes will be addressed, including 36 that impact Java.

The list of products affected by the flaws includes Database, Fusion Middleware, Enterprise Data Quality, Forms and Reports, Portal, Outside in Technology, GlassFish Server, HTTP Server, Identity Manager, Internet Directory, iPlanet, Reports Developer, VM VirtualBox, MySQL Enterprise Monitor and Server, Siebel, Solaris, E-Business Suite and others.

Some of the vulnerabilities fixed with this update impact multiple pieces of software.

As far as Java is concerned, 34 of the 36 security holes addressed by Oracle with the January 2014 CPU can be exploited remotely and without authentication. The affected Java SE components are Java SE, Java SE Embedded, JavaFX and JRockit.

For additional details on the January 2014 CPU, check out Oracle’s advisory.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s