Mac OS X Multiple Vulnerabilities (Security Update 2014-001) (BEAST)
Critical Nessus Plugin ID 72688
Synopsis
The remote host is missing a Mac OS X update that fixes multiple security vulnerabilities.
Description
The remote host is running a version of Mac OS X 10.7 or 10.8 that does not have Security Update 2014-001 applied. This update contains several security-related fixes for the following components :
- Apache
- App Sandbox
- ATS
- Certificate Trust Policy
- CFNetwork Cookies
- CoreAnimation
- Date and Time
- File Bookmark
- ImageIO
- IOSerialFamily
- LaunchServices
- NVIDIA Drivers
- PHP
- QuickLook
- QuickTime
- Secure Transport
Note that successful exploitation of the most serious issues could result in arbitrary code execution.
Solution
Install Security Update 2014-001 or later.