CyberSec.Space Logo
Back to CVE Browser

CVE-2004-0962

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0840%
EPSS Percentile32.36th
PublishedFeb 9, 2005
Last ModifiedApr 16, 2026

Vulnerability Description

Apple Remote Desktop Client 1.2.4 executes a GUI application as root when it is started by an Apple Remote Desktop Administrator application, which allows remote authenticated users to execute arbitrary code when loginwindow is active via Fast User Switching.

Affected Platforms (CPE)

📦
Apple

Apple Remote Desktop

= 2.0.0

References & Advisories

🔗 http://lists.apple.com/archives/security-announce/2004/Oct/msg00002.html
🔗 http://lists.apple.com/archives/security-announce/2004/Oct/msg00002.html

Related Vulnerabilities

CVE-2008-25409.3

Apple Safari on Mac OS X, and before 3.1.2 on Windows, does not prompt the user before downloading an object that has an unrecogni...

CVE-2017-24887.5

A cryptographic weakness existed in the authentication protocol of Remote Desktop. This issue was addressed by implementing the Se...

CVE-2013-51357.5

Format string vulnerability in Screen Sharing Server in Apple Mac OS X before 10.9 and Apple Remote Desktop before 3.5.4 allows re...

CVE-2006-48877.2

Apple Remote Desktop (ARD) for Mac OS X 10.2.8 and later does not drop privileges on the remote machine while installing certain a...