First published: Sat Nov 14 2015(Updated: )
The Remote Desktop full-screen feature in Apple OS X before 10.9 and Apple Remote Desktop before 3.7 sends dialog-box text to a connected remote host upon being woken from sleep, which allows physically proximate attackers to bypass intended access restrictions by entering a command in this box.
Credit: product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple Mac OS X | <=10.8.5 | |
Apple Apple Remote Desktop | <=3.6.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.