Alert

Updated Release of the February 2013 Oracle Java SE Critical Patch Update

Last Revised

Oracle has released an updated February 2013 Critical Patch Update for Oracle Java SE to address a vulnerability. This vulnerability could allow a remote unauthenticated attacker to execute arbitrary code on vulnerable systems or to provide unauthorized disclosure of information.

The following versions of Oracle Java SE are affected:

  • JDK and JRE 7 Update 13 and earlier
  • JDK and JRE 6 Update 39 and earlier
  • JDK and JRE 5.0 Update 39 and earlier
  • SDK and JRE 1.4.2_41 and earlier

US-CERT encourages users and administrators to review the bulletin and follow best-practice security policies to determine which updates should be applied. Additional information regarding this vulnerability can be found in Vulnerability Notes VU#636312.

This product is provided subject to this Notification and this Privacy & Use policy.