On Tuesday, Oracle will release its Critical Patch Update (CPU) for January 2014. A total of 144 security holes will be addressed, including 36 that impact Java.
The list of products affected by the flaws includes Database, Fusion Middleware, Enterprise Data Quality, Forms and Reports, Portal, Outside in Technology, GlassFish Server, HTTP Server, Identity Manager, Internet Directory, iPlanet, Reports Developer, VM VirtualBox, MySQL Enterprise Monitor and Server, Siebel, Solaris, E-Business Suite and others.
Some of the vulnerabilities fixed with this update impact multiple pieces of software.
As far as Java is concerned, 34 of the 36 security holes addressed by Oracle with the January 2014 CPU can be exploited remotely and without authentication. The affected Java SE components are Java SE, Java SE Embedded, JavaFX and JRockit.
For additional details on the January 2014 CPU, check out Oracle’s advisory.