Mac OS X Multiple Vulnerabilities (Security Update 2013-003)

high Nessus Plugin ID 67130

Synopsis

The remote host is missing a Mac OS X update that fixes several security issues.

Description

The remote host is running a version of Mac OS X 10.6, 10.7, or 10.8 that does not have Security Update 2013-003 applied. This update contains several security-related fixes for the following component :

- QuickTime

Successful exploitation of these issues could result in arbitrary code execution.

Solution

Install Security Update 2013-003 or later.

See Also

http://support.apple.com/kb/HT5806

http://lists.apple.com/archives/security-announce/2013/Jul/msg00000.html

http://www.securityfocus.com/archive/1/527048/30/0/threaded

Plugin Details

Severity: High

ID: 67130

File Name: macosx_SecUpd2013-003.nasl

Version: 1.12

Type: local

Agent: macosx

Published: 7/2/2013

Updated: 5/28/2024

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:apple:mac_os_x:10.6, cpe:/o:apple:mac_os_x:10.8, cpe:/o:apple:mac_os_x:10.7

Required KB Items: Host/local_checks_enabled, Host/MacOSX/Version, Host/MacOSX/packages/boms

Exploit Ease: No known exploits are available

Patch Publication Date: 7/2/2013

Vulnerability Publication Date: 5/22/2013

Reference Information

CVE: CVE-2013-1018, CVE-2013-1019, CVE-2013-1022

BID: 60098, 60102, 60104

APPLE-SA: APPLE-SA-2013-07-02-1