Mac OS X iChat Link Handling Arbitrary Command Execution (Security Update 2004-09-16)

This script is Copyright (C) 2004-2013 Tenable Network Security, Inc.

Synopsis :

The remote host is missing a Mac OS X update that fixes a security

Description :

The remote host is missing Security Update 2004-09-16.

This security update is for iChat. There is a bug in older versions
of iChat where an attacker may execute commands on the local system
by sending malformed links which will execute local commands to an
iChat user on the remote host.

See also :

Solution :

Install Security Update 2004-09-16.

Risk factor :

Medium / CVSS Base Score : 6.8
CVSS Temporal Score : 5.9
Public Exploit Available : true

Family: MacOS X Local Security Checks

Nessus Plugin ID: 14768 (macosx_SecUpd20040916.nasl)

Bugtraq ID: 11207

CVE ID: CVE-2004-0873

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now