Oracle plans to send out fixes on Tuesday for several Java Standard Edition security flaws, including some it rates as 'critical'.
The Java SE Critical Patch Update for June will deliver 17 fixes for vulnerabilities that can be exploited by a remote attacker without the need for a username and password, the software maker said in an announcement on Friday.
"Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Critical Patch Update fixes as soon as possible," it said in its pre-release announcement.
Oracle has given at least one of the vulnerabilities the highest security risk rating of 10.0, based on the standard CVSS scoring.
The security holes affect JDK and JRE 6 (update 25 and earlier); JDK and JRE 5.0 (update 29 and earlier); and SDK and JRE 1.4.2_31 and earlier, running on Windows, Solaris and Linux systems.