VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Oct 24, 2013· Updated Apr 29, 2026

CVE-2013-5135

CVE-2013-5135

Description

Format string vulnerability in Screen Sharing Server in Apple Mac OS X before 10.9 and Apple Remote Desktop before 3.5.4 allows remote attackers to execute arbitrary code via format string specifiers in a VNC username.

Affected products

20
  • Apple Inc./Remote Desktop13 versions
    cpe:2.3:a:apple:apple_remote_desktop:*:*:*:*:*:*:*:*+ 12 more
    • cpe:2.3:a:apple:apple_remote_desktop:*:*:*:*:*:*:*:*range: <=3.5.3
    • cpe:2.3:a:apple:apple_remote_desktop:3.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:apple_remote_desktop:3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:apple_remote_desktop:3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:apple_remote_desktop:3.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:apple_remote_desktop:3.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:apple_remote_desktop:3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:apple_remote_desktop:3.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:apple_remote_desktop:3.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:apple_remote_desktop:3.4:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:apple_remote_desktop:3.5:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:apple_remote_desktop:3.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:apple_remote_desktop:3.5.2:*:*:*:*:*:*:*
  • Apple Inc./Mac Os X7 versions
    cpe:2.3:o:apple:mac_os_x:*:supplemental_update:*:*:*:*:*:*+ 6 more
    • cpe:2.3:o:apple:mac_os_x:*:supplemental_update:*:*:*:*:*:*range: <=10.8.5
    • cpe:2.3:o:apple:mac_os_x:10.8.0:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:mac_os_x:10.8.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:mac_os_x:10.8.2:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:mac_os_x:10.8.3:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:mac_os_x:10.8.4:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:mac_os_x:10.8.5:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

3

News mentions

0

No linked articles in our index yet.