Jump to content


Photo

Java JRE updates/advisories


  • Please log in to reply
50 replies to this topic

#51 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,693 posts

Posted 14 July 2015 - 05:23 PM

FYI...

Java 8u51 released

Release Notes
- http://www.oracle.co...es-2587590.html

Downloads / JRE
- http://www.oracle.co...ds-2133155.html

Recommended Version 8 Update 51
- https://www.java.com...load/manual.jsp
July 14, 2015

... -if- you still need to use Java at all. If not - uninstall it!
___

Patch Availability Table
- http://www.oracle.co...ml#AppendixJAVA
"... contains 25 new security fixes for Oracle Java SE.  23 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password..."

https://blogs.oracle...al_patch_update
Jul 14, 2015 - "... 25 fixes Oracle Java SE. 23 of these Java SE vulnerabilities are remotely exploitable without authentication. 16 of these Java SE fixes are for Java client-only, including one fix for the client installation of Java SE. 5 of the Java fixes are for client and server deployment. One fix is specific to the Mac platform. And 4 fixes are for JSSE client and server deployments. Please note that this Critical Patch Update also addresses a recently announced 0-day vulnerability (CVE-2015-2590), which was being reported as actively exploited in the wild..."

 

- https://web.nvd.nist...d=CVE-2015-2590
Last revised: 07/16/2015
10.0 (HIGH)
___

- http://www.securityt....com/id/1032910
CVE Reference: CVE-2015-2590, CVE-2015-2596, CVE-2015-2597, CVE-2015-2601, CVE-2015-2613, CVE-2015-2619, CVE-2015-2621, CVE-2015-2625, CVE-2015-2627, CVE-2015-2628, CVE-2015-2632, CVE-2015-2637, CVE-2015-2638, CVE-2015-2659, CVE-2015-2664, CVE-2015-2808, CVE-2015-4000, CVE-2015-4729, CVE-2015-4731, CVE-2015-4732, CVE-2015-4733, CVE-2015-4736, CVE-2015-4748, CVE-2015-4749, CVE-2015-4760
Jul 15 2015
Impact: Denial of service via network, Disclosure of system information, Disclosure of user information, Modification of system information, Modification of user information, User access via local system, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes ...
Solution: The vendor has issued a fix as part of Oracle Critical Patch Update Advisory - July 2015.
 

:ph34r: :ph34r:


Edited by AplusWebMaster, 17 July 2015 - 01:55 PM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.





2 user(s) are reading this topic

0 members, 2 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button