Language:
http://www.zerodayinitiative.com/advisories/ZDI-13-132/
http://www.zerodayinitiative.com/advisories/ZDI-13-151/
http://www.zerodayinitiative.com/advisories/ZDI-13-152/
http://www.zerodayinitiative.com/advisories/ZDI-13-153/
http://www.zerodayinitiative.com/advisories/ZDI-13-154/
http://www.zerodayinitiative.com/advisories/ZDI-13-155/
http://www.zerodayinitiative.com/advisories/ZDI-13-156/
http://www.zerodayinitiative.com/advisories/ZDI-13-157/
http://www.zerodayinitiative.com/advisories/ZDI-13-158/
http://www.zerodayinitiative.com/advisories/ZDI-13-159/
http://www.zerodayinitiative.com/advisories/ZDI-13-160/
http://www.oracle.com/technetwork/java/javase/releasenotes-136954.html
http://support.apple.com/kb/HT5797
http://lists.apple.com/archives/security-announce/2013/Jun/msg00002.html
Severity: Critical
ID: 66928
File Name: macosx_java_2013-004.nasl
Version: 1.23
Type: local
Agent: macosx
Family: MacOS X Local Security Checks
Published: 6/19/2013
Updated: 11/27/2023
Supported Sensors: Nessus Agent, Nessus
Risk Factor: Critical
Score: 9.8
Risk Factor: Critical
Base Score: 10
Temporal Score: 8.7
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2013-2473
CPE: cpe:/a:apple:java_1.6
Required KB Items: Host/local_checks_enabled, Host/MacOSX/Version
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 6/18/2013
Vulnerability Publication Date: 6/18/2013
CISA Known Exploited Vulnerability Due Dates: 4/18/2022
Core Impact
Metasploit (Java storeImageArray() Invalid Array Indexing Vulnerability)
CVE: CVE-2013-1500, CVE-2013-1571, CVE-2013-2407, CVE-2013-2412, CVE-2013-2437, CVE-2013-2442, CVE-2013-2443, CVE-2013-2444, CVE-2013-2445, CVE-2013-2446, CVE-2013-2447, CVE-2013-2448, CVE-2013-2450, CVE-2013-2451, CVE-2013-2452, CVE-2013-2453, CVE-2013-2454, CVE-2013-2455, CVE-2013-2456, CVE-2013-2457, CVE-2013-2459, CVE-2013-2461, CVE-2013-2463, CVE-2013-2464, CVE-2013-2465, CVE-2013-2466, CVE-2013-2468, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, CVE-2013-2472, CVE-2013-2473, CVE-2013-3743
BID: 60617, 60618, 60619, 60620, 60623, 60624, 60625, 60626, 60627, 60629, 60631, 60632, 60633, 60634, 60636, 60637, 60638, 60639, 60640, 60641, 60643, 60644, 60645, 60646, 60647, 60650, 60651, 60653, 60655, 60656, 60657, 60658, 60659
APPLE-SA: APPLE-SA-2013-06-18-1
CERT: 225657