On Tuesday Oracle had fixed the 127 issue in Java, its database and other products, sorting out the issues so that attackers take over systems.
First time oracle has involved Java in its quarterly CPU, as the company had planned to improve the accuracy of Java script releases from every four months to one every three months.
The Recent update of new Java SE 7 version on Tuesday contains 51 of the 127 security fixes in this CPU in which the fifty of those fixed address exposures can be done without authentication and 12 have the high strictness rating which can be used to take complete control of the underlying operating system.
Out of 51 In the Java security update, 40 had affected to client distribution which includes the Java web browser plug in and 8 effected to both client and server deployments.
These vulnerabilities can be browbeaten through the Java Web Start applications or Java applets.
The various other 76 security has done in the CPU which is not related to java address vulnerabilities like Oracle product families: Oracle Database, Oracle Fusion Middleware, Oracle Enterprise Manager Grid Control, Oracle E-Business Suite, Oracle Supply Chain Products Suite, Oracle Linux and Virtualization, Oracle Siebel CRM, Oracle I Learning, Oracle industry Applications, Oracle FLEXCUBE, Oracle Primavera, Oracle and Sun Systems Products Suite, Oracle PeopleSoft Enterprise and Oracle MySQL.
Two weaknesses which were found in the Oracle database server is both can be misused without any security and can result in losing the data confidentiality. Director of Oracle said, to fix the issue in one of the above issues required customer to enable encryption between their clients and server if the data had sent to untrusted network.
Sanskriti Infosol 