You are here

V-137: Apple Mac OS X update for Java

April 18, 2013 - 6:00am

Addthis

PROBLEM:

Apple Mac OS X update for Java

PLATFORM:

Mac OS X 10.6, OS X Lion

ABSTRACT:

Apple has issued an update for Java for Mac OS X.

REFERENCE LINKS:

Secunia Advisory SA53100
Apple Support Article HT5734
CVE-2013-1491
CVE-2013-1537
CVE-2013-1540
CVE-2013-1557
CVE-2013-1558
CVE-2013-1563
CVE-2013-1569
CVE-2013-2383
CVE-2013-2384
CVE-2013-2394
CVE-2013-2417
CVE-2013-2419
CVE-2013-2420
CVE-2013-2422
CVE-2013-2424
CVE-2013-2429
CVE-2013-2430
CVE-2013-2432
CVE-2013-2435
CVE-2013-2437
CVE-2013-2440

IMPACT ASSESSMENT:

High

DISCUSSION:

Multiple vulnerabilities existed in Java 1.6.0_43, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user.

IMPACT:

Manipulation of data
Exposure of sensitive information
DoS
System access

SOLUTION:

Vendor recommends updating to Java version 1.6.0_45

Addthis