Man-in-the-Middle Attack Exploiting Plugin Loading in Apple Mac OS X Software Update

Man-in-the-Middle Attack Exploiting Plugin Loading in Apple Mac OS X Software Update

CVE-2013-0973 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Software Update in Apple Mac OS X through 10.7.5 does not prevent plugin loading within the marketing-text WebView, which allows man-in-the-middle attackers to execute plugin code by modifying the client-server data stream.

Learn more about our Web App Pen Testing.