CVE-2013-5136

2013-10-23T23:48:48
ID CVE-2013-5136
Type cve
Reporter NVD
Modified 2013-10-24T20:53:28

Description

Apple Remote Desktop before 3.7 does not properly use server authentication-type information during decisions about whether to present an unencrypted-connection warning message, which allows remote attackers to obtain sensitive information in opportunistic circumstances by sniffing the network during an unintended cleartext VNC session.