Mac OS X 10.8 < 10.8.5 Multiple Vulnerabilities (Security Update 2013-004)

2013-09-1600:00:00

Tenable

www.tenable.com

JSON

The remote host is missing Mac OS X security update 2013-004 that fixes multiple security issues.

The remote host is running a version of Mac OS X 10.8 that is older than 10.8.5. The newer version contains numerous security-related fixes for the following components :

Apache
Bind
Certificate Trust Policy
CoreGraphics
ImageIO
Installer
IPSec
Kernel
Mobile Device Management
OpenSSL
PHP
PostgreSQL
Power Management
QuickTime
Screen Lock
sudo

This update also addresses an issue in which certain Unicode strings could cause applications to unexpectedly quit.

Note that successful exploitation of the most serious issues could result in arbitrary code execution.

Binary data 8008.prm

VendorProductVersionCPE
applemac_os_xcpe:/o:apple:mac_os_x

Vendor	Product	Version	CPE
apple	mac_os_x		cpe:/o:apple:mac_os_x

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0883

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2686

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2687

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3499

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3817

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4244

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4558

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5166

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5688

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0166

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1025

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1026

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1027

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1028

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1029

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1030

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1031

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1032

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1033

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1635

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1643

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1775

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1824

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1899

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1900

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1901

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1902

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1903

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2110

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2266

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5163

lists.apple.com/archives/security-announce/2013/Sep/msg00002.html

support.apple.com/kb/HT5880

www.securityfocus.com/archive/1/528594/30/0/threaded

JSON