Detect date
?
|
03/10/2016 |
Severity
?
|
Warning |
Description
|
Weak networking protocol usage was found in Apple Software Update. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via man-in-the-middle attack. Technical details Instead of usage HTTPS for downloading updates unprotected HTTP protocol was used. This vulnerability can lead to update data-stream spoofing. |
Affected products
|
Apple Software Update versions earlier than 2.2 |
Solution
|
Update to the latest version |
Original advisories
|
|
Impacts
?
|
ACE [?] |
Related products
|
Apple Software Update |
CVE-IDS
?
|
|
Find out the statistics of the vulnerabilities spreading in your region |