At the top of the list with the most fixed vulnerabilities and widespread impact are 36 security fixes for Oracle’s Java. Oracle first began to include Java security fixes as part of its main CPU release in October of 2013. At that time, Oracle fixed a total of 127 vulnerabilities, with Java accounting for 51 of them.
With the January crop of Java vulnerabilities, 34 of the 36 flaws are remotely exploitable without user authentication, making them among the most dangerous types of software flaws. Going a step further, Oracle has ranked five of the new Java vulnerabilities as having the highest possible Common Vulnerability Scoring System (CVSS) score of 10.
Read the full story at eWEEK:
Oracle Patches 144 New Security Vulnerabilities to Start 2014