3024 matches found
CVE-2003-0053
Cross-site scripting XSS vulnerability in parsexml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to insert arbitrary script via the filename parameter, which is inserted into an error message...
Re: QuickTime/Darwin Streaming Administration Server Multiple vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Word. I've found two other issues in QuickTime Streaming Server v4.1.1 that seem to be fixed in the newest v4.1.3: 1. File probing: Request: http://localhost:1220/parsexml.cgi?filename=../nonexistent Response: 'Can't access HTML file '../nonexistent'!...
Apple QuickTimeDarwin Streaming Server 4.1.x - parse_xml.cgi File Disclosure
Apple QuickTimeDarwin Streaming Server 4.1.x - parsexml.cgi File Disclosure source: https://www.securityfocus.com/bid/6990/info A file retrieval vulnerability has been reported for QuickTime/Darwin Streaming Server. The vulnerability exists due to insufficient sanitization of some parameters give...
Apple QuickTime/Darwin Streaming Server 4.1.x - 'parse_xml.cgi' File Disclosure
source: https://www.securityfocus.com/bid/6990/info A file retrieval vulnerability has been reported for QuickTime/Darwin Streaming Server. The vulnerability exists due to insufficient sanitization of some parameters given to the parsexml.cgi script. Information obtained in this manner may be use...
Apple QuickTime/Darwin Streaming Server Multiple Remote Vulnerabilities
The remote host is running Apple QuickTime Streaming Server. There are multiple flaws in this version : Remote code execution vulnerability by default with root privileges 2 Cross-Site Scripting vulnerabilities Path Disclosure vulnerability Arbitrary Directory listing vulnerability Buffer overflo...
QuickTime/Darwin Streaming Administration Server Multiple vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 @stake, Inc. www.atstake.com Security Advisory Advisory Name: QuickTime/Darwin Streaming Administration Server Multiple vulnerabilities Release Date: 03-24-2003 Application: Darwin Streaming Server 4.1.2 QuickTime Streaming Server 4.1.1 Platform: MacO...
CVE-2002-0376
Buffer overflow in Apple QuickTime 5.0 ActiveX component allows remote attackers to execute arbitrary code via a long pluginspage field...
CVE-2002-0252
Buffer overflow in Apple QuickTime Player 5.01 and 5.02 allows remote web servers to execute arbitrary code via a response containing a long Content-Type MIME header...
CVE-2002-0252
Buffer overflow in Apple QuickTime Player 5.01 and 5.02 allows remote web servers to execute arbitrary code via a response containing a long Content-Type MIME header...
CVE-2002-0252
CVE-2002-0252 affects Apple QuickTime Player 5.01 and 5.02. A buffer overflow is triggered by a remote web server sending a response with a long Content-Type MIME header, allowing arbitrary code execution. The vulnerability is tied to the Content-Type handling in the RTSP/HTTP response parsing. E...
Auto file execution vulnerability in Mac OS
Auto file execution vulnerability in Mac OS http://homepage.mac.com/vmconverter/macautoexecvuln.html Overview We found a vulnerability in Mac OS and Mac OS X with Classic Environment. If victims only browse malicious web-page; 1.Browsers start automatically download a compressed disc-image file...
[SPSadvisory#46]Apple QuickTime Player "Content-Type" Buffer Overflow
SPS Advisory 46 Apple QuickTime Player "Content-Type" Buffer Overflow UNYUN [email protected] Shadow Penguin Security http://www.shadowpenguin.org ---------------------------------------------------------------------- Date =================== Feb. 9, 2002 Vulnerable ===================...
Apple QuickTime 5.0 - Content-Type Remote Buffer Overflow
Apple QuickTime 5.0 - Content-Type Remote Buffer Overflow // source: https://www.securityfocus.com/bid/4064/info Apple QuickTime is a freely available media player. It runs on a number of platforms including MacOS and Windows 9x/ME/NT/2000/XP operating systems. Apple QuickTime For Windows does no...
Apple QuickTime 5.0 - Content-Type Remote Buffer Overflow
// source: https://www.securityfocus.com/bid/4064/info Apple QuickTime is a freely available media player. It runs on a number of platforms including MacOS and Windows 9x/ME/NT/2000/XP operating systems. Apple QuickTime For Windows does not perform sufficient bounds checking of the "Content-Type"...
CVE-2001-0198
Buffer overflow in QuickTime Player plugin 4.1.2 Japanese allows remote attackers to execute arbitrary commands via a long HREF parameter in an EMBED tag...
CVE-2001-0198
Buffer overflow in QuickTime Player plugin 4.1.2 Japanese allows remote attackers to execute arbitrary commands via a long HREF parameter in an EMBED tag...
CVE-2001-0198
The CVE-2001-0198 issue affects the QuickTime Player plugin 4.1.2 (Japanese). The root cause is a buffer overflow caused by a long HREF parameter in an EMBED tag, allowing remote attackers to execute arbitrary commands. Public references describe a remote buffer overflow exploit via a crafted HTM...
Дырка в Apple Quick Time Plug-in
Переполнение буфера при разборе тага EMBED...
CVE-2022-3953
Removed by vendor...
CVE-2022-3755
Removed by vendor...