Mac OS X Security Update 2006-008

This script is Copyright (C) 2006-2013 Tenable Network Security, Inc.


Synopsis :

The remote host is missing a Mac OS X update that fixes a security
issue.

Description :

The remote host is running a version of Mac OS X 10.4 that does not
have Security Update 2006-008 applied.

This update fixes a flaw in QuickTime that may allow a rogue website to
obtain the images rendered on the user screen. By combining this flaw
with Quartz Composer, an attacker may be able to obtain screen shots of
the remote host.

See also :

http://docs.info.apple.com/article.html?artnum=304916

Solution :

Install the security update 2006-008 :

http://www.apple.com/support/downloads/securityupdate2006008universal.html
http://www.apple.com/support/downloads/securityupdate2006008ppc.html

Risk factor :

Low / CVSS Base Score : 2.6
(CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N)
CVSS Temporal Score : 1.9
(CVSS2#E:U/RL:OF/RC:ND)
Public Exploit Available : false

Family: MacOS X Local Security Checks

Nessus Plugin ID: 23926 (macosx_SecUpd2006-008.nasl)

Bugtraq ID: 21672

CVE ID: CVE-2006-5681

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial