Apple Keynote < 6.0 Presentation Mode Lock Engagement Screen Lock Bypass

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

An application on the remote host is affected by a security bypass
vulnerability.

Description :

The version of Apple Keynote installed on the remote Mac OS X host is
earlier than 6.0. As such, it reportedly suffers from a vulnerability
in which the screen lock may not be engaged when the computer is put to
sleep while in Keynote presentation mode under certain conditions.

See also :

http://support.apple.com/kb/HT6002
http://lists.apple.com/archives/security-announce/2013/Oct/msg00005.html

Solution :

Upgrade to Keynote 6.0 or later.

Risk factor :

Medium / CVSS Base Score : 5.9
(CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:C)
CVSS Temporal Score : 5.1
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: MacOS X Local Security Checks

Nessus Plugin ID: 70611 ()

Bugtraq ID: 63283

CVE ID: CVE-2013-5148