這篇文章已封存,而且 Apple 也不會再更新。

About the security content of Java for OS X 2012-006 and Java for Mac OS X 10.6 Update 11

Learn about the security content of Java for OS X 2012-006 and Java for Mac OS X 10.6 Update 11.

Java for OS X 2012-006 and Java for Mac OS X 10.6 Update 11

  • Java

Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later

Impact: Multiple vulnerabilities in Java 1.6.0_35

Description: Multiple vulnerabilities exist in Java 1.6.0_35, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_37. Further information is available via the Java website at http://www.oracle.com/technetwork/java/javase/releasenotes-136954.html

CVE-ID

CVE-2012-1531

CVE-2012-1532

CVE-2012-1533

CVE-2012-3143

CVE-2012-3159

CVE-2012-3216

CVE-2012-4416

CVE-2012-5068

CVE-2012-5069

CVE-2012-5071

CVE-2012-5072

CVE-2012-5073

CVE-2012-5075

CVE-2012-5077

CVE-2012-5079

CVE-2012-5081

CVE-2012-5083

CVE-2012-5084

CVE-2012-5086

CVE-2012-5089

Information about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. Contact the vendor for additional information.

發佈日期: