Apple Remote Desktop prior to 3.6.1 does not recognize the "Encrypt all network data" setting during connections to third-party VNC servers, which allows remote malicious users to obtain cleartext VNC session content by sniffing the network.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple apple remote desktop 3.5.3 |
||
apple apple remote desktop 3.5.2 |
||
apple apple remote desktop 3.6.0 |