Oracle Java Update (October 2014) Multiple Vulnerabilities
Critical Nessus Network Monitor Plugin ID 8550
SynopsisThe remote client is missing security patches for the Java client.
DescriptionOracle's October 2014 security update for Java fixes remote and local vulnerabilities in the following components of the Java SE JDK/JRE:
Twenty-two of these 25 fixed vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password. no further details have been released by the vendor.
SolutionUsers of Java should update to the following versions of Java, or latest: 1.8.0_25 (for JRE 8), 1.7.0_71 (for JRE 7), 1.6.0_85 (for JRE 6), or 1.5.0_75 (for JRE 5).