Mac OS X 10.7 < 10.7.4 Multiple Vulnerabilities

critical Nessus Network Monitor Plugin ID 6482

Synopsis

The remote host is missing a Mac OS X update that fixes a security issue.

Description

The remote host is running a version of Mac OS X 10.7 that is older than version 10.7.4. The newer version contains numerous security-related fixes for the following components :

- Login Windows
- Bluetooth
- curl
- HFS
- Kernel
- libarchive
- libsecurity
- libxml
- LoginUIFramework
- PHP
- Quartz Composer
- QuickTime
- Ruby
- Security Framework
- Time Machine
- X11

Solution

Upgrade to Mac OS X 10.7.4 or later.

See Also

http://support.apple.com/kb/HT5281

http://lists.apple.com/archives/security-announce/2012/May/msg00001.html

Plugin Details

Severity: Critical

ID: 6482

Family: Generic

Published: 5/14/2012

Updated: 3/6/2019

Nessus ID: 59066

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:apple:mac_os_x

Patch Publication Date: 5/9/2011

Vulnerability Publication Date: 2/18/2011

Reference Information

CVE: CVE-2011-1004, CVE-2011-1005, CVE-2011-1777, CVE-2011-1778, CVE-2011-1944, CVE-2011-2821, CVE-2011-2834, CVE-2011-2895, CVE-2011-3212, CVE-2011-3389, CVE-2011-3919, CVE-2011-4566, CVE-2011-4815, CVE-2011-4885, CVE-2012-0036, CVE-2012-0642, CVE-2012-0649, CVE-2012-0651, CVE-2012-0652, CVE-2012-0654, CVE-2012-0655, CVE-2012-0656, CVE-2012-0657, CVE-2012-0658, CVE-2012-0659, CVE-2012-0660, CVE-2012-0661, CVE-2012-0662, CVE-2012-0675, CVE-2012-0830

BID: 49778, 50907, 51193, 51198, 51830, 47737, 49124, 48056, 49279, 49658, 46458, 46460, 51300, 52364, 53457, 51665, 53465, 53467, 53469, 53456, 53458, 53462, 53466, 53468, 53470, 53471, 53473