Mac OS X : Java for OS X 2014-001
Critical Nessus Plugin ID 78891
SynopsisThe remote host has a version of Java installed that is affected by multiple vulnerabilities.
DescriptionThe remote Mac OS X 10.7, 10.8, 10.9, or 10.10 host has a Java runtime that is missing the Java for OS X 2014-001 update, which updates the Java version to 1.6.0_65. It is, therefore, affected by multiple security vulnerabilities, the most serious of which may allow an untrusted Java applet to execute arbitrary code with the privileges of the current user outside the Java sandbox.
Note that the Java for OS X 2014-001 update installs the same version of Java 6 included in Java for OS X 2013-005.
SolutionApply the Java for OS X 2014-001 update, which includes version 15.0.0 of the JavaVM Framework.