Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (c) 2011 SecPodOPENVAS:902556
HistoryAug 29, 2011 - 12:00 a.m.

Java for Mac OS X 10.5 Update 9

2011-08-2900:00:00
Copyright (c) 2011 SecPod
plugins.openvas.org
20

0.06 Low

EPSS

Percentile

92.7%

JSON

This host is missing an important security update according to
Mac OS X 10.5 Update 9.

###############################################################################
# OpenVAS Vulnerability Test
# $Id: secpod_macosx_java_10_5_upd_9.nasl 7024 2017-08-30 11:51:43Z teissa $
#
# Java for Mac OS X 10.5 Update 9
#
# Authors:
# Sooraj KS <[email protected]>
#
# Copyright:
# Copyright (c) 2011 SecPod, http://www.secpod.com
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

tag_impact = "Successful exploitation may allow an untrusted Java applet to execute
  arbitrary code outside the Java sandbox. Visiting a web page containing
  a maliciously crafted untrusted Java applet may lead to arbitrary code
  execution with the privileges of the current user.
  Impact Level: System/Application";
tag_affected = "Java for Mac OS X v10.5.8 and Mac OS X Server v10.5.8";
tag_insight = "For more information on the vulnerabilities refer the below links.";
tag_solution = "Upgrade to Java for Mac OS X 10.5 Update 9,
  For updates refer to http://support.apple.com/kb/HT4563";
tag_summary = "This host is missing an important security update according to
  Mac OS X 10.5 Update 9.";

if(description)
{
  script_id(902556);
  script_version("$Revision: 7024 $");
  script_tag(name:"last_modification", value:"$Date: 2017-08-30 13:51:43 +0200 (Wed, 30 Aug 2017) $");
  script_tag(name:"creation_date", value:"2011-08-29 16:22:41 +0200 (Mon, 29 Aug 2011)");
  script_cve_id("CVE-2010-4422", "CVE-2010-4447", "CVE-2010-4448", "CVE-2010-4450",
                "CVE-2010-4454", "CVE-2010-4462", "CVE-2010-4463", "CVE-2010-4465",
                "CVE-2010-4467", "CVE-2010-4468", "CVE-2010-4469", "CVE-2010-4470",
                "CVE-2010-4471", "CVE-2010-4472", "CVE-2010-4473", "CVE-2010-4476");
  script_bugtraq_id(46091, 46386, 46387, 46391, 46393, 46394, 46395, 46397,
                    46398, 46399, 46400, 46402, 46403, 46404, 46406, 46409);
  script_tag(name:"cvss_base", value:"10.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_name("Java for Mac OS X 10.5 Update 9");
  script_xref(name : "URL" , value : "http://support.apple.com/kb/HT4563");
  script_xref(name : "URL" , value : "http://lists.apple.com/archives/security-announce//2011//Mar/msg00002.html");

  script_copyright("Copyright (c) 2011 SecPod");
  script_category(ACT_GATHER_INFO);
  script_family("Mac OS X Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_require_ports("Services/ssh", 22);
  script_mandatory_keys("ssh/login/osx_name","ssh/login/osx_version");
  script_tag(name : "impact" , value : tag_impact);
  script_tag(name : "affected" , value : tag_affected);
  script_tag(name : "insight" , value : tag_insight);
  script_tag(name : "solution" , value : tag_solution);
  script_tag(name : "summary" , value : tag_summary);
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}


include("pkg-lib-macosx.inc");
include("version_func.inc");

## Get the OS name
osName = get_kb_item("ssh/login/osx_name");
if(!osName){
  exit (0);
}

## Get the OS Version
osVer = get_kb_item("ssh/login/osx_version");
if(!osVer){
 exit(0);
}

## Check for the Mac OS X and Mac OS X Server
if("Mac OS X" >< osName || "Mac OS X Server" >< osName)
{
  ## Check the affected OS versions
  if(version_is_equal(version:osVer, test_version:"10.5.8"))
  {
    ## Check for the security update
    if(isosxpkgvuln(fixed:"com.apple.pkg.JavaForMacOSX10.5Update", diff:"9"))
    {
      security_message(0);
      exit(0);
    }
  }
}

Related

openvas 50
nessus 47
suse 4
redhat 14
securityvulns 4
ubuntu 3
centos 2
oraclelinux 2
fedora 5
osv 2
debian 2
prion 13
ubuntucve 12
cve 12
veracode 13
zdi 3
checkpoint_advisories 1
vmware 2
checkpoint_security 1
f5 1
seebug 2
jvn 2
cisa 1
ibm 1
openvas
openvas
Java for Mac OS X 10.6 Update 4
2011-08-29 00:00:00
Java for Mac OS X 10.6 Update 4
2011-08-29 00:00:00
Java for Mac OS X 10.5 Update 9
2011-08-29 00:00:00
nessus
nessus
Mac OS X : Java for Mac OS X 10.6 Update 4
2011-03-09 00:00:00
Mac OS X : Java for Mac OS X 10.5 Update 9
2011-03-09 00:00:00
SuSE 10 Security Update : java-1_6_0-ibm, java-1_6_0-ibm-32bit, java-1_6_0-ibm-64bit, java-1_6_0-ibm-alsa, java-1_6_0-ibm-alsa-32bit, java-1_6_0-ibm-demo, java-1_6_0-ibm-devel, java-1_6_0-ibm-devel-32bit, java-1_6_0-ibm-fonts, java-1_6_0-ibm-jdbc, java-1_6_0-ibm-jdbc-32bit, java-1_6_0-ibm-jdbc-64bit, java-1_6_0-ibm-plugin, java-1_6_0-ibm-plugin-32bit, java-1_6_0-ibm-src (ZYPP Patch Number 7369)
2011-03-22 00:00:00
suse
suse
remote code execution in java-1_6_0-sun
2011-02-22 14:41:11
Security update for IBM Java 1.4.2 (important)
2011-07-22 05:08:11
remote code execution in java-1_4_2-ibm
2011-05-13 13:10:27
redhat
redhat
(RHSA-2011:0282) Critical: java-1.6.0-sun security update
2011-02-17 00:00:00
(RHSA-2011:0357) Critical: java-1.6.0-ibm security update
2011-03-16 00:00:00
(RHSA-2011:0281) Important: java-1.6.0-openjdk security update
2011-02-17 00:00:00
securityvulns
securityvulns
Oracle Java multiple security vulnerabilities / OpenJDK
2011-02-17 00:00:00
ZDI-11-085: Oracle Java XGetSamplePtrFromSnd Remote Code Execution Vulnerability
2011-02-17 00:00:00
ZDI-11-086: Oracle Java Webstart Trusted JNLP Extension Remote Code Execution Vulnerability
2011-02-17 00:00:00
ubuntu
ubuntu
OpenJDK 6 vulnerabilities
2011-03-17 00:00:00
OpenJDK 6 vulnerabilities
2011-03-01 00:00:00
OpenJDK 6 vulnerabilities
2011-03-15 00:00:00
centos
centos
java security update
2011-04-14 14:33:37
tomcat5 security update
2011-04-14 14:58:50
oraclelinux
oraclelinux
java-1.6.0-openjdk security update
2011-02-17 00:00:00
java-1.6.0-openjdk security update
2011-02-11 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: java-1.6.0-openjdk-1.6.0.0-50.1.8.7.fc13
2011-02-16 19:17:23
[SECURITY] Fedora 14 Update: java-1.6.0-openjdk-1.6.0.0-52.1.9.7.fc14
2011-02-16 19:20:33
[SECURITY] Fedora 14 Update: java-1.6.0-openjdk-1.6.0.0-53.1.9.8.fc14
2011-06-11 04:18:13
osv
osv
openjdk-6 - several
2011-04-20 00:00:00
Apache Tomcat affected by infinite loop in Double.parseDouble method in Java Runtime Environment
2022-05-14 02:16:07
debian
debian
[SECURITY] [DSA 2224-1] openjdk-6 security update
2011-04-20 20:19:48
[SECURITY] [DSA 2161-1] OpenJDK security update
2011-02-13 20:27:08
prion
prion
Design/Logic Flaw
2011-02-17 19:00:00
Design/Logic Flaw
2011-02-17 19:00:00
Design/Logic Flaw
2011-02-17 19:00:00
ubuntucve
ubuntucve
CVE-2010-4454
2011-02-17 00:00:00
CVE-2010-4473
2011-02-17 00:00:00
CVE-2010-4462
2011-02-17 00:00:00
cve
cve
CVE-2010-4454
2011-02-17 19:00:00
CVE-2010-4462
2011-02-17 19:00:00
CVE-2010-4473
2011-02-17 19:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:57:56
Denial Of Service (DoS)
2020-04-10 00:57:57
Privilege Escalation
2020-04-10 00:57:54
zdi
zdi
Oracle Java XGetSamplePtrFromSnd Remote Code Execution Vulnerability
2011-02-15 00:00:00
Oracle Java Webstart Trusted JNLP Extension Remote Code Execution Vulnerability
2011-02-15 00:00:00
Oracle Java Applet Clipboard Injection Remote Code Execution Vulnerability
2011-02-15 00:00:00
checkpoint_advisories
checkpoint_advisories
Oracle Java XGetSamplePtrFromSnd Memory Corruption (CVE-2010-4462)
2011-06-28 00:00:00
vmware
vmware
VMware third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
2011-10-27 00:00:00
VMware third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
2011-10-27 00:00:00
checkpoint_security
checkpoint_security
Check Point's response to Oracle Java Floating-Point Value Denial of Service Vulnerability (CVE-2010-4476)
2011-02-14 22:00:00
f5
f5
K12826 : Java Runtime Environment (JRE) vulnerability: CVE-2010-4476
2013-09-11 00:00:00
seebug
seebug
Oracle Java Applet剪贴板注入远程代码执行漏洞
2011-12-01 00:00:00
IBM WebSphere Application Server未验证访问漏洞
2011-04-02 00:00:00
jvn
jvn
JVN#97334690: IBM Lotus vulnerable to denial-of-service (DoS)
2011-03-04 00:00:00
JVN#16308183: IBM DB2 vulnerable to denial-of-service (DoS)
2011-03-04 00:00:00
cisa
cisa
Oracle Releases Security Alert for Java Runtime Environment
2011-02-10 00:00:00
ibm
ibm
Security Bulletin: Denial of Service Security Exposure with Java causes JRE/JDK hang (CVE-2010-4476)
2020-09-10 15:43:59

0.06 Low

EPSS

Percentile

92.7%

JSON
Related for OPENVAS:902556
openvas50nessus47suse4redhat14securityvulns4ubuntu3centos2oraclelinux2fedora5osv2debian2prion13ubuntucve12cve12veracode13zdi3checkpoint_advisories1vmware2checkpoint_security1f51seebug2jvn2cisa1ibm1