This script is Copyright (C) 2016 Tenable Network Security, Inc.
The remote Mac OS X host has an application installed that is affected
by multiple vulnerabilities.
The version of Apple Xcode installed on the remote Mac OS X host is
prior to 7.2. It is, therefore, affected by multiple vulnerabilities :
- Multiple remote code execution vulnerabilities exist
due to a flaw in the otools component that is
triggered when handling Mach-O files. A remote
attacker can exploit these vulnerabilities to execute
arbitrary code. (CVE-2015-7049, CVE-2015-7057)
- A flaw exists in the IDE SCM due to the .gitignore
directive not being honored. An unauthenticated,
remote attacker can exploit this to disclose sensitive
- A remote code execution vulnerability exists due to a
flaw in git-remote-ext that is triggered when handling
a specially crafted URL. An unauthenticated, remote
attacker can exploit this to execute arbitrary code.
See also :
Upgrade to Apple Xcode version 7.2 or later.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 7.4
Public Exploit Available : false