CVE-2013-0973 Information

Description

Software Update in Apple Mac OS X through 10.7.5 does not prevent plugin loading within the marketing-text WebView which allows man-in-the-middle attackers to execute plugin code by modifying the client-server data stream.

Reference

http://lists.apple.com/archives/security-announce/2013/Mar/msg00002.html