Mac OS X 10.7 < 10.7.4 Multiple Vulnerabilities

Critical Nessus Network Monitor Plugin ID 6482

Synopsis

The remote host is missing a Mac OS X update that fixes a security issue.

Description

The remote host is running a version of Mac OS X 10.7 that is older than version 10.7.4. The newer version contains numerous security-related fixes for the following components :

- Login Windows
- Bluetooth
- curl
- HFS
- Kernel
- libarchive
- libsecurity
- libxml
- LoginUIFramework
- PHP
- Quartz Composer
- QuickTime
- Ruby
- Security Framework
- Time Machine
- X11

Solution

Upgrade to Mac OS X 10.7.4 or later.

See Also

http://support.apple.com/kb/HT5281

http://lists.apple.com/archives/security-announce/2012/May/msg00001.html

Plugin Details

Severity: Critical

ID: 6482

File Name: 6482.prm

Family: Generic

Published: 2012/05/14

Modified: 2017/02/02

Dependencies: 1735, 8314

Nessus ID: 59066

Risk Information

Risk Factor: Critical

CVSSv2

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSSv3

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS3#AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS3#E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:apple:mac_os_x

Patch Publication Date: 2011/05/09

Vulnerability Publication Date: 2011/02/18

Reference Information

CVE: CVE-2011-1004, CVE-2011-1005, CVE-2011-1777, CVE-2011-1778, CVE-2011-1944, CVE-2011-2821, CVE-2011-2834, CVE-2011-2895, CVE-2011-3212, CVE-2011-3389, CVE-2011-3919, CVE-2011-4566, CVE-2011-4815, CVE-2011-4885, CVE-2012-0036, CVE-2012-0642, CVE-2012-0649, CVE-2012-0651, CVE-2012-0652, CVE-2012-0654, CVE-2012-0655, CVE-2012-0656, CVE-2012-0657, CVE-2012-0658, CVE-2012-0659, CVE-2012-0660, CVE-2012-0661, CVE-2012-0662, CVE-2012-0675, CVE-2012-0830

BID: 46458, 46460, 47737, 48056, 49124, 49279, 49658, 49778, 50907, 51193, 51198, 51300, 51665, 51830, 52364, 53456, 53458, 53457, 53462, 53465, 53466, 53467, 53468, 53469, 53470, 53471, 53473

IAVA: 2012-A-0073, 2012-A-0153

IAVB: 2012-B-0006