Mac OS X : Java for Mac OS X 10.5 Update 10

This script is Copyright (C) 2011-2012 Tenable Network Security, Inc.


Synopsis :

The remote host has a version of Java that is affected by multiple
vulnerabilities.

Description :

The remote Mac OS X host is running a version of Java for Mac OS X
10.5 that is missing Update 10, which updates the Java version to
1.6.0_26 / 1.5.0_30. As such, it is affected by several security
vulnerabilities, the most serious of which may allow an untrusted Java
applet to execute arbitrary code with the privileges of the current
user outside the Java sandbox.

See also :

http://support.apple.com/kb/HT4739
http://lists.apple.com/archives/security-announce/2011/Jun/msg00002.html

Solution :

Upgrade to Java for Mac OS X 10.5 Update 10, which includes version
12.9.0 of the JavaVM Framework.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.4
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false