Apple Remote Desktop before 3.6.1 does not recognize the Encrypt all network data setting during connections to third-party VNC servers, which allows remote attackers to obtain cleartext VNC session content by sniffing the network.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Apple_remote_desktop | Apple | 3.5.3 | 3.5.3 |
Apple_remote_desktop | Apple | 3.6.0 | 3.6.0 |
Apple_remote_desktop | Apple | 3.5.2 | 3.5.2 |