Darwin Streaming Server Security Vulnerabilities and Issues — Darwin Streaming Server CVE List

Lucene search

AppleDarwin Streaming Server

10 matches found

CVE•added 2004/09/01 4:0 a.m.•49 views

CVE-2003-0051

parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to obtain the physical path of the server's installation path via a NULL file parameter.

5CVSS5.8AI score0.00492EPSS

CVE•added 2005/07/18 4:0 a.m.•49 views

CVE-2005-2195

Apple Darwin Streaming Server 5.5 and earlier allows remote attackers to cause a denial of service (application crash) via a URL with a filename containing a .cgi extension and an MS-DOS device name such as AUX, CON, PRN, COM1, or LPT1, a different vulnerability than CVE-2003-0421 and CVE-2003-0502...

5CVSS6.3AI score0.00897EPSS

CVE•added 2004/09/01 4:0 a.m.•39 views

CVE-2003-0052

parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to list arbitrary directories.

5CVSS6.3AI score0.0076EPSS

CVE•added 2003/08/27 4:0 a.m.•39 views

CVE-2003-0424

Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to obtain the source code for scripts by appending encoded space (%20) or . (%2e) characters to an HTTP request for the script, e.g. view_broadcast.cgi.

5CVSS6.5AI score0.00587EPSS

CVE•added 2005/04/14 4:0 a.m.•39 views

CVE-2004-1084

Apache for Apple Mac OS X 10.2.8 and 10.3.6 allows remote attackers to read files and resource fork content via HTTP requests to certain special file names related to multiple data streams in HFS+, which bypass Apache file handles.

5CVSS8AI score0.00518EPSS

CVE•added 2005/01/10 5:0 a.m.•39 views

CVE-2004-1123

Darwin Streaming Server 5.0.1, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash) via a DESCRIBE request with a location that contains a null byte.

5CVSS9.2AI score0.00786EPSS

CVE•added 2003/08/27 4:0 a.m.•38 views

CVE-2003-0422

Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to cause a denial of service (crash) via a request to view_broadcast.cgi that does not contain the required parameters.

5CVSS6.2AI score0.00655EPSS

CVE•added 2004/09/01 4:0 a.m.•37 views

CVE-2004-0169

QuickTime Streaming Server in MacOS X 10.2.8 and 10.3.2 allows remote attackers to cause a denial of service (crash) via DESCRIBE requests with long User-Agent fields, which causes an Assert error to be triggered in the BufferIsFull function.

5CVSS6.3AI score0.01913EPSS

CVE•added 2003/08/27 4:0 a.m.•34 views

CVE-2003-0425

Directory traversal vulnerability in Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to read arbitrary files via a ... (triple dot) in an HTTP request.

5CVSS6.2AI score0.01852EPSS

CVE•added 2003/08/27 4:0 a.m.•30 views

CVE-2003-0423

parse_xml.cgi in Apple QuickTime / Darwin Streaming Server before 4.1.3g allows remote attackers to obtain the source code for parseable files via the filename parameter.

5CVSS6.3AI score0.00587EPSS