Дата обнаружения
|
10/03/2016 |
Уровень угрозы
|
Warning |
Описание
|
Weak networking protocol usage was found in Apple Software Update. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via man-in-the-middle attack. Technical details Instead of usage HTTPS for downloading updates unprotected HTTP protocol was used. This vulnerability can lead to update data-stream spoofing. |
Пораженные продукты
|
Apple Software Update versions earlier than 2.2 |
Решение
|
Update to the latest version |
Первичный источник обнаружения
|
Apple Security Update |
Оказываемое влияние
?
|
ACE
[?]
|
Связанные продукты
|
Apple Software Update |
CVE-IDS
|
|
Узнай статистику распространения уязвимостей в твоем регионе |