Apple Remote Desktop Format String Vulnerability

Last Update Date: 24 Oct 2013 10:48 Release Date: 24 Oct 2013 3745 Views

RISK: Medium Risk

Medium Risk

TYPE: Operating Systems - Mac OS

TYPE: Mac OS

A vulnerability has been identified in Apple Remote Desktop. A remote user can execute arbitrary code on the target system.

  1. A remote user can send specially crafted VNC username data to trigger a format string flaw and execute arbitrary code on the target system.
  2. The system may fail to warn the user when VNC is used without encryption.

Impact

  • Remote Code Execution

System / Technologies affected

  • Version 3.x

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • The vendor has issued a fix (3.5.4, 3.7).

Vulnerability Identifier

Source

Related Link

Share with

Previous

Cisco IOS XR Fragmented Packet Processing Vulnerability

24 Oct 2013 3792 Views

Next

Apple Safari Multiple Vulnerabilities

24 Oct 2013 3619 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY