First published: Wed Aug 22 2012(Updated: )
Apple Remote Desktop before 3.6.1 does not recognize the "Encrypt all network data" setting during connections to third-party VNC servers, which allows remote attackers to obtain cleartext VNC session content by sniffing the network.
Credit: product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple Apple Remote Desktop | =3.5.2 | |
Apple Apple Remote Desktop | =3.5.3 | |
Apple Apple Remote Desktop | =3.6.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.