Mac OS X Multiple Vulnerabilities (Security Update 2007-009)

critical Nessus Plugin ID 29723

Synopsis

The remote host is missing a Mac OS X update that fixes various security issues.

Description

The remote host is running a version of Mac OS X 10.5 or 10.4 that does not have Security Update 2007-009 applied.

This update contains several security fixes for a large number of programs.

Solution

Install Security Update 2007-009.

See Also

http://docs.info.apple.com/article.html?artnum=307179

http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html

http://www.securityfocus.com/advisories/13649

Plugin Details

Severity: Critical

ID: 29723

File Name: macosx_SecUpd2007-009.nasl

Version: 1.28

Type: local

Agent: macosx

Published: 12/18/2007

Updated: 5/28/2024

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:apple:mac_os_x:10.5, cpe:/o:apple:mac_os_x:10.4

Required KB Items: Host/MacOSX/packages, Host/uname

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 10/17/2007

Vulnerability Publication Date: 3/15/2006

Exploitable With

Metasploit (Mail.app Image Attachment Command Execution)

Reference Information

CVE: CVE-2006-0024, CVE-2007-1218, CVE-2007-1659, CVE-2007-1660, CVE-2007-1661, CVE-2007-1662, CVE-2007-3798, CVE-2007-3876, CVE-2007-4131, CVE-2007-4351, CVE-2007-4572, CVE-2007-4708, CVE-2007-4709, CVE-2007-4710, CVE-2007-4766, CVE-2007-4767, CVE-2007-4768, CVE-2007-4965, CVE-2007-5116, CVE-2007-5379, CVE-2007-5380, CVE-2007-5398, CVE-2007-5476, CVE-2007-5770, CVE-2007-5847, CVE-2007-5848, CVE-2007-5849, CVE-2007-5850, CVE-2007-5851, CVE-2007-5853, CVE-2007-5854, CVE-2007-5855, CVE-2007-5856, CVE-2007-5857, CVE-2007-5858, CVE-2007-5859, CVE-2007-5860, CVE-2007-5861, CVE-2007-5863, CVE-2007-6077, CVE-2007-6165

BID: 17106, 22772, 24965, 25417, 25696, 26096, 26268, 26274, 26346, 26350, 26421, 26454, 26455, 26510, 26598, 26908, 26910, 26926

CWE: 119, 134, 16, 189, 20, 200, 22, 264, 287, 310, 362, 399, 79