Vulnerabilities

CVE-2013-5136

by Fred · 23/10/2013

Apple Remote Desktop before 3.7 does not properly use server authentication-type information during decisions about whether to present an unencrypted-connection warning message, which allows remote attackers to obtain sensitive information in opportunistic circumstances by sniffing the network during an unintended cleartext VNC session.

Date published : 2013-10-23

http://lists.apple.com/archives/security-announce/2013/Oct/msg00008.html

Similar

Tags: Cybersecurity Alert