Mac OS X 10.x < 10.12.1 Multiple Vulnerabilities

high Nessus Network Monitor Plugin ID 9758

Synopsis

The remote host is missing a critical Mac OS X patch update.

Description

The remote host is running a version of Mac OS X version 10.x prior to 10.12.1, and is affected by multiple vulnerabilities in the following components :

- AppleMobileFileIntegrity (CVE-2016-7584)
- AppleGraphicsControl (CVE-2016-4662)
- AppleSMC (CVE-2016-4678)
- ATS (CVE-2016-4667, CVE-2016-4674)
- CFNetwork Proxies (CVE-2016-7579)
- CoreGraphics (CVE-2016-4673)
- Core Image (CVE-2016-4681)
- FaceTime (CVE-2016-7577)
- FontParser (CVE-2016-4660, CVE-2016-4688)
- IDS - Connectivity (CVE-2016-4721)
- ImageIO (CVE-2016-4671, CVE-2016-4682, CVE-2016-4683)
- Kernel (CVE-2016-4669, CVE-2016-7613)
- libarchive (CVE-2016-4679)
- libxpc (CVE-2016-4675)
- ntfs (CVE-2016-4661)
- NVIDIA Graphics Drivers (CVE-2016-4663)
- Security (CVE-2016-4670)
- Thunderbolt (CVE-2016-4780)

Solution

Upgrade to Mac OS X 10.12.1 or later.

See Also

https://support.apple.com/en-us/HT207275

Plugin Details

Severity: High

ID: 9758

Published: 11/8/2016

Updated: 3/6/2019

Nessus ID: 94253

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 7.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS v3

Risk Factor: High

Base Score: 8.1

Temporal Score: 7.5

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:apple:mac_os_x

Patch Publication Date: 10/24/2016

Vulnerability Publication Date: 10/24/2016

Reference Information

CVE: CVE-2016-4635, CVE-2016-4660, CVE-2016-4661, CVE-2016-4662, CVE-2016-4663, CVE-2016-4667, CVE-2016-4669, CVE-2016-4670, CVE-2016-4671, CVE-2016-4673, CVE-2016-4674, CVE-2016-4675, CVE-2016-4678, CVE-2016-4679, CVE-2016-4681, CVE-2016-4682, CVE-2016-4683, CVE-2016-4688, CVE-2016-4721, CVE-2016-4780, CVE-2016-7577, CVE-2016-7579, CVE-2016-7584

BID: 91829, 93849, 93856, 93852