Risks
Advisories
Browse
or
or
Apple Product Security - Java for OS X 2013-002 and Mac OS X v10.6 Update 14 (APPLE-SA-2013-03-04-1)
APPLE-SA-2013-03-04-1 Java for OS X 2013-002 and Mac OS X v10.6
Update 14

Java for OS X 2013-002 and Mac OS X v10.6 Update 14 are now available
and address the following:

Java
Available for:  Mac OS X v10.6.8, Mac OS X Server v10.6.8,
OS X Lion v10.7 or later, OS X Lion Server v10.7 or later,
OS X Mountain Lion 10.8 or later
Impact:  Multiple vulnerabilities in Java 1.6.0_41
Description:  Multiple vulnerabilities existed in Java 1.6.0_41, the
most serious of which may allow an untrusted Java applet to execute
arbitrary code outside the Java sandbox. Visiting a web page
containing a maliciously crafted untrusted Java applet may lead to
arbitrary code execution with the privileges of the current user.
These issues were addressed by updating to Java version 1.6.0_43.
Further information is available via the Java website at http://www.o
racle.com/technetwork/java/javase/releasenotes-136954.html
CVE-ID
CVE-2013-0809
CVE-2013-1493


Java for OS X 2013-002 and Java for Mac OS X 10.6 Update 14
may be obtained from the Software Update pane in System Preferences,
Mac App Store, or Apple's Software Downloads web site:
http://www.apple.com/support/downloads/

For Mac OS X v10.6 systems
The download file is named: JavaForMacOSX10.6.dmg
Its SHA-1 digest is: 0f61f751f0a93a3a16824a826dc32bad5d9a981d

For OS X Lion and Mountain Lion systems
The download file is named: JavaForOSX2013-002.dmg
Its SHA-1 digest is: 47e38cf089a6a7bba9e2b0b387fe09e2b77e10a6

Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/




Spotlight

Intentional backdoors in iOS devices uncovered

Posted on 22 July 2014.  |  A researcher has revealed that Apple has equipped its mobile iOS with several undocumented features that can be used by attackers and law enforcement to access the sensitive data contained on the devices running it.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Jul 22nd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //