CVE Vulnerabilities

CVE-2012-0681

Published: Aug 22, 2012 | Modified: Apr 02, 2013
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

Apple Remote Desktop before 3.6.1 does not recognize the Encrypt all network data setting during connections to third-party VNC servers, which allows remote attackers to obtain cleartext VNC session content by sniffing the network.

Affected Software

Name Vendor Start Version End Version
Apple_remote_desktop Apple 3.5.2 3.5.2
Apple_remote_desktop Apple 3.5.3 3.5.3
Apple_remote_desktop Apple 3.6.0 3.6.0

References