Mac OS X : Apple Safari < 9.0.2 Multiple RCE

This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.


Synopsis :

The remote host has a web browser installed that is affected by
multiple remote code execution vulnerabilities.

Description :

The version of Apple Safari installed on the remote host is prior to
9.0.2. It is, therefore, affected by multiple memory corruption issues
in WebKit due to improper memory handling. An unauthenticated, remote
attacker can exploit these, via a crafted website, to execute
arbitrary code or possibly cause a denial of service.

See also :

https://support.apple.com/en-us/HT205639
http://www.nessus.org/u?ea90039a

Solution :

Upgrade to Apple Safari version 9.0.2 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.5
(CVSS2#E:U/RL:ND/RC:UR)
Public Exploit Available : false

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now