This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.
The remote host has a version of Java that is affected by multiple
The remote Mac OS X host is running a version of Java for Mac OS X
10.7 that is missing update 2012-001, which updates the Java version
to 1.6.0_31. As such, it is affected by several security
vulnerabilities, the most serious of which may allow an untrusted Java
applet to execute arbitrary code with the privileges of the current
user outside the Java sandbox.
See also :
Upgrade to Java for OS X Lion 2012-002, which includes version
14.2.1 of the JavaVM Framework.
Note that these vulnerabilities are actually addressed with Java for
OS X Lion 2012-001. That update was found to have some non-security
bugs, though, and has been re-released as 2012-002.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.7
Public Exploit Available : true
Family: MacOS X Local Security Checks
Nessus Plugin ID: 58606 ()
Bugtraq ID: 511945200952011520125201352014520155201652017520185201952161
CVE ID: CVE-2011-3563CVE-2011-5035CVE-2012-0497CVE-2012-0498CVE-2012-0499CVE-2012-0500CVE-2012-0501CVE-2012-0502CVE-2012-0503CVE-2012-0505CVE-2012-0506CVE-2012-0507
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.