Detections
Analytics

Apple Keynote < 6.0 Presentation Mode Lock Engagement Screen Lock Bypass

high Nessus Plugin ID 70611

Language:

Synopsis

An application on the remote host is affected by a security bypass vulnerability.

Description

The version of Apple Keynote installed on the remote Mac OS X host is earlier than 6.0. As such, it reportedly suffers from a vulnerability in which the screen lock may not be engaged when the computer is put to sleep while in Keynote presentation mode under certain conditions.

Solution

Upgrade to Keynote 6.0 or later.

See Also

http://support.apple.com/kb/HT6002

http://lists.apple.com/archives/security-announce/2013/Oct/msg00005.html

Plugin Details

Severity: High

ID: 70611

File Name: macosx_keynote_6_0.nasl

Version: 1.3

Type: local

Agent: macosx

Published: 10/25/2013

Updated: 11/27/2019

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.8

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2013-5148

Vulnerability Information

CPE: cpe:/a:apple:keynote

Required KB Items: Host/local_checks_enabled, Host/MacOSX/Version, MacOSX/Keynote/Installed

Exploit Ease: No known exploits are available

Patch Publication Date: 10/22/2013

Vulnerability Publication Date: 10/22/2013

Reference Information

CVE: CVE-2013-5148

BID: 63283

APPLE-SA: APPLE-SA-2013-10-22-4