VYPR
Unrated severityNVD Advisory· Published Oct 24, 2013· Updated Jun 16, 2026

CVE-2013-5135

CVE-2013-5135

Description

Format string vulnerability in Screen Sharing Server in Apple Mac OS X before 10.9 and Apple Remote Desktop before 3.5.4 allows remote attackers to execute arbitrary code via format string specifiers in a VNC username.

Affected products

22
  • cpe:2.3:a:apple:apple_remote_desktop:*:*:*:*:*:*:*:*+ 13 more
    • cpe:2.3:a:apple:apple_remote_desktop:*:*:*:*:*:*:*:*range: <=3.5.3
    • cpe:2.3:a:apple:apple_remote_desktop:3.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:apple_remote_desktop:3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:apple_remote_desktop:3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:apple_remote_desktop:3.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:apple_remote_desktop:3.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:apple_remote_desktop:3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:apple_remote_desktop:3.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:apple_remote_desktop:3.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:apple_remote_desktop:3.4:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:apple_remote_desktop:3.5:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:apple_remote_desktop:3.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:apple_remote_desktop:3.5.2:*:*:*:*:*:*:*
    • (no CPE)range: <3.5.4
  • cpe:2.3:o:apple:mac_os_x:10.8.0:*:*:*:*:*:*:*+ 7 more
    • cpe:2.3:o:apple:mac_os_x:10.8.0:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:mac_os_x:10.8.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:mac_os_x:10.8.2:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:mac_os_x:10.8.3:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:mac_os_x:10.8.4:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:mac_os_x:10.8.5:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:mac_os_x:*:supplemental_update:*:*:*:*:*:*range: <=10.8.5
    • (no CPE)range: <10.9

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.