Mac OS X : Java for OS X 2013-002

This script is Copyright (C) 2013-2017 Tenable Network Security, Inc.

Synopsis :

The remote host has a version of Java that is affected by multiple

Description :

The remote Mac OS X 10.7 or 10.8 host has a Java runtime that is
missing the Java for OS X 2013-002 update, which updates the Java
version to 1.6.0_43. It is, therefore, affected by two security
vulnerabilities, the most serious of which may allow an untrusted Java
applet to execute arbitrary code with the privileges of the current user
outside the Java sandbox.

Note that an exploit for CVE-2013-1493 has been observed in the wild.

See also :

Solution :

Apply the Java for OS X 2013-002 update, which includes version
14.6.1 of the JavaVM Framework.

Risk factor :

High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.1
Public Exploit Available : true

Family: MacOS X Local Security Checks

Nessus Plugin ID: 65028 ()

Bugtraq ID: 58238

CVE ID: CVE-2013-0809

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now