Mac OS X Multiple Vulnerabilities (Security Updates 2015-005 / 2015-008)
Critical Nessus Plugin ID 87321
SynopsisThe remote host is missing a Mac OS X update that fixes multiple security vulnerabilities.
DescriptionThe remote host is running a version of Mac OS X 10.9.5 or 10.10.5 that is missing Security Update 2015-005 or 2015-008. It is, therefore, affected by multiple vulnerabilities in the following components :
- CFNetwork HTTPProtocol
- Configuration Profiles
- CoreMedia Playback
- Disk Images
- File Bookmark
- Intel Graphics Driver
- IOKit SCSI
- kext tools
- Keychain Access
- System Integrity Protection
Note that successful exploitation of the most serious issues can result in arbitrary code execution.
SolutionInstall Security Update 2015-006 (OS X 10.9.5) / 2015-008 (OS X 10.10.5) or later. Note that Security Update 2015-006 is a replacement for the earlier 2015-005 update mentioned in the original advisory.