Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Apple Remote Desktop Security Vulnerabilities

cve
cve

CVE-2004-0962

Apple Remote Desktop Client 1.2.4 executes a GUI application as root when it is started by an Apple Remote Desktop Administrator application, which allows remote authenticated users to execute arbitrary code when loginwindow is active via Fast User Switching.

7.5AI Score

0.008EPSS

2005-02-09 05:00 AM
34
cve
cve

CVE-2006-4413

Apple Remote Desktop before 3.1 uses insecure permissions for certain built-in packages, which allows local users on an Apple Remote Desktop administration system to modify the packages and gain root privileges on client systems that use the packages.

6.6AI Score

0.0004EPSS

2006-11-18 01:07 AM
36
cve
cve

CVE-2006-4887

Apple Remote Desktop (ARD) for Mac OS X 10.2.8 and later does not drop privileges on the remote machine while installing certain applications, which allows local users to bypass authentication and gain privileges by selecting the icon during installation. NOTE: it could be argued that the issue is ...

6.9AI Score

0.001EPSS

2006-09-19 09:07 PM
46
cve
cve

CVE-2012-0681

Apple Remote Desktop before 3.6.1 does not recognize the "Encrypt all network data" setting during connections to third-party VNC servers, which allows remote attackers to obtain cleartext VNC session content by sniffing the network.

6.1AI Score

0.002EPSS

2012-08-22 10:42 AM
26
cve
cve

CVE-2013-5135

Format string vulnerability in Screen Sharing Server in Apple Mac OS X before 10.9 and Apple Remote Desktop before 3.5.4 allows remote attackers to execute arbitrary code via format string specifiers in a VNC username.

7.6AI Score

0.017EPSS

2013-10-24 03:48 AM
27
cve
cve

CVE-2013-5136

Apple Remote Desktop before 3.7 does not properly use server authentication-type information during decisions about whether to present an unencrypted-connection warning message, which allows remote attackers to obtain sensitive information in opportunistic circumstances by sniffing the network duri...

5.6AI Score

0.003EPSS

2013-10-24 03:48 AM
31
cve
cve

CVE-2013-5229

The Remote Desktop full-screen feature in Apple OS X before 10.9 and Apple Remote Desktop before 3.7 sends dialog-box text to a connected remote host upon being woken from sleep, which allows physically proximate attackers to bypass intended access restrictions by entering a command in this box.

6.3AI Score

0.002EPSS

2015-11-14 03:59 AM
37
cve
cve

CVE-2017-2488

A cryptographic weakness existed in the authentication protocol of Remote Desktop. This issue was addressed by implementing the Secure Remote Password authentication protocol. This issue is fixed in Apple Remote Desktop 3.9. An attacker may be able to capture cleartext passwords.

7.5CVSS

6.6AI Score

0.002EPSS

2021-12-23 08:15 PM
119