Apple Security Advisory 2013-02-01-1 - Multiple vulnerabilities exist in Java 1.6.0_37, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_39.
c7879672067e4870f87d194d16149752cfcfc59a5ff6d331b4196e503807e190-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
APPLE-SA-2013-02-01-1 Java for Mac OS X v10.6 Update 12
Java for Mac OS X v10.6 Update 12 is now available and addresses the
following:
Java
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8
Impact: Multiple vulnerabilities in Java 1.6.0_37
Description: Multiple vulnerabilities exist in Java 1.6.0_37, the
most serious of which may allow an untrusted Java applet to execute
arbitrary code outside the Java sandbox. Visiting a web page
containing a maliciously crafted untrusted Java applet may lead to
arbitrary code execution with the privileges of the current user.
These issues are addressed by updating to Java version 1.6.0_39.
Further information is available via the Java website at https://www.o
racle.com/technetwork/java/javase/releasenotes-136954.html
CVE-ID
CVE-2012-3213
CVE-2012-3342
CVE-2013-0351
CVE-2013-0409
CVE-2013-0419
CVE-2013-0423
CVE-2013-0424
CVE-2013-0425
CVE-2013-0426
CVE-2013-0427
CVE-2013-0428
CVE-2013-0429
CVE-2013-0432
CVE-2013-0433
CVE-2013-0434
CVE-2013-0435
CVE-2013-0438
CVE-2013-0440
CVE-2013-0441
CVE-2013-0442
CVE-2013-0443
CVE-2013-0445
CVE-2013-0446
CVE-2013-0450
CVE-2013-1473
CVE-2013-1475
CVE-2013-1476
CVE-2013-1478
CVE-2013-1480
CVE-2013-1481
Java for Mac OS X 10.6 Update 12 may be obtained
from the Software Update pane in System Preferences or
Apple's Software Downloads web site:
https://www.apple.com/support/downloads/
The download file is named: JavaForMacOSX10.6.dmg
Its SHA-1 digest is: 0c790491ca22ee009086ee1ec1f1b358024dd83e
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - https://gpgtools.org
iQIcBAEBAgAGBQJRDHzrAAoJEPefwLHPlZEwARUQAJqht+yZpLhvksCJ+hFcvdGI
6K+xYeHlIwjYmF+/QekNxOpkCvdjfaC5YVFKIretUePA7t+E/kkj2UbBrLOpOKfk
Sh2OFOTTwFdQf7naDgdIROos5c8iNFUufGzjJFUzjUeEiVDFI37Keij+pttYsPXs
1n9T2YajHAsSsbjb6ldIOhV03WkjIGKH3k9Kn9HiwFA4s0lIB01TiKKEgpUfBVVM
HwoHtXrgt5lFbR3w80iyhGKnB/Su2JkQ6yIgK/66OkcvTziyZlxi7HT39MjH7gLK
uuKoKfD2jue5P6Sk0YKQ8LA+5qD+ODmYEQwSov1Kf13ARVSBrLnPnw+Chx1rjura
QyVAP6q+Ss8Im0wFpXH9HlHWy1FiepABgvhM0GfxB34Qwx3mrG3w5cy4ASQDtveb
vXOkko4XKZ1rrTq3GpIX+zl1KVdVQNXjzhN9vx48mqK9IXogAwBQcFJX/P1Bk/2k
38nkjmCD3peSBq1PGwoSO/3nKDXS4mWc2caUSgT//xVrl9hFiss7iuOHT13lnuu9
yXKjNjwH4Mi1LIVEghgr0CLnUiYiHCiGKlBIRWGqHkUGQONtmvQh6aoFg2Er5WrM
lFikl3hM5JMm9vpW6pAJRvdfKghniKaO6ekJzlSj6smamBwLBAo+lcDg+Z+FxMOX
FeQoXC/8drXJLOuVs4wQ
=qzRL
-----END PGP SIGNATURE-----
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed