CVE-2003-1413
The CVE-2003-1413 entry concerns Apple Darwin Streaming Server 4.1.1, where parse_xml.cgi is vulnerable to a path-based check that leaks file existence information. By supplying a filename parameter containing ".." sequences, an attacker can trigger distinct error messages that allow remote deter...