Mac OS X : Java for Mac OS X 10.5 Update 5

This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.


Synopsis :

The remote host has a version of Java that is affected by multiple
vulnerabilities.

Description :

The remote Mac OS X host is running a version of Java for Mac OS X
10.5 that is missing Update 5.

The remote version of this software contains several security
vulnerabilities, including some that may allow untrusted Java applets
to obtain elevated privileges and lead to execution of arbitrary code
with the privileges of the current user.

See also :

http://support.apple.com/kb/HT3851
http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html
http://www.securityfocus.com/advisories/17819

Solution :

Upgrade to Java for Mac OS X 10.5 Update 5 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.9
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false