Mac OS X 10.x < 10.12.1 Multiple Vulnerabilities

High Nessus Network Monitor Plugin ID 9758

Synopsis

The remote host is missing a critical Mac OS X patch update.

Description

The remote host is running a version of Mac OS X version 10.x prior to 10.12.1, and is affected by multiple vulnerabilities in the following components :

- AppleMobileFileIntegrity (CVE-2016-7584)
- AppleGraphicsControl (CVE-2016-4662)
- AppleSMC (CVE-2016-4678)
- ATS (CVE-2016-4667, CVE-2016-4674)
- CFNetwork Proxies (CVE-2016-7579)
- CoreGraphics (CVE-2016-4673)
- Core Image (CVE-2016-4681)
- FaceTime (CVE-2016-7577)
- FontParser (CVE-2016-4660, CVE-2016-4688)
- IDS - Connectivity (CVE-2016-4721)
- ImageIO (CVE-2016-4671, CVE-2016-4682, CVE-2016-4683)
- Kernel (CVE-2016-4669, CVE-2016-7613)
- libarchive (CVE-2016-4679)
- libxpc (CVE-2016-4675)
- ntfs (CVE-2016-4661)
- NVIDIA Graphics Drivers (CVE-2016-4663)
- Security (CVE-2016-4670)
- Thunderbolt (CVE-2016-4780)

Solution

Upgrade to Mac OS X 10.12.1 or later.

See Also

https://support.apple.com/en-us/HT207275

Plugin Details

Severity: High

ID: 9758

File Name: 9758.prm

Published: 2016/11/08

Modified: 2017/02/21

Dependencies: 4435

Nessus ID: 94253

Risk Information

Risk Factor: High

CVSSv2

Base Score: 9.3

Temporal Score: 7.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

CVSSv3

Base Score: 8.1

Temporal Score: 7.5

Vector: CVSS3#AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS3#E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:apple:mac_os_x

Patch Publication Date: 2016/10/24

Vulnerability Publication Date: 2016/10/24

Reference Information

CVE: CVE-2016-4635, CVE-2016-4660, CVE-2016-4661, CVE-2016-4662, CVE-2016-4663, CVE-2016-4667, CVE-2016-4669, CVE-2016-4670, CVE-2016-4671, CVE-2016-4673, CVE-2016-4674, CVE-2016-4675, CVE-2016-4678, CVE-2016-4679, CVE-2016-4681, CVE-2016-4682, CVE-2016-4683, CVE-2016-4688, CVE-2016-4721, CVE-2016-4780, CVE-2016-7577, CVE-2016-7579, CVE-2016-7584

BID: 91829, 93849, 93852, 93856