Apple Quicktime Streaming Server

16 matches found

added 2007/10/20 10:0 a.m., 71 views

CVE-2003-1414

CVE-2003-1414 describes a directory traversal vulnerability in the parse_xml.cgi component of Apple Darwin Streaming Server 4.1.2 and Apple QuickTime Streaming Server 4.1.1. The issue allows remote attackers to read arbitrary files by manipulating the filename parameter. The vulnerability affects...

CVSS 4.3 | AI score 6.3 | EPSS 0.04456

added 2004/09/01 4:0 a.m., 68 views

CVE-2003-0050

The CVE-2003-0050 issue affects Apple’s Darwin Streaming Administration Server (v4.1.2) and QuickTime Streaming Server (v4.1.1). It stems from parse_xml.cgi, where shell metacharacters injected by an attacker enable remote code execution. Multiple sources (NVD, CVE list, OpenVAS-style advisories)...

CVSS 7.5 | AI score 7.3 | EPSS 0.68858

added 2004/09/01 4:0 a.m., 63 views

CVE-2003-0051

CVE-2003-0051 affects Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1, where parse_xml.cgi can reveal the server installation’s physical path via a NULL file parameter. The issue enables remote access to sensitive path information and is part of a set of re...

CVSS 5 | AI score 5.8 | EPSS 0.0206

added 2004/09/01 4:0 a.m., 63 views

CVE-2003-0054

CVE-2003-0054 affects Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1. The issue enables remote code execution when an unauthenticated request to port 7070 includes a script argument to the rtsp DESCRIBE method; the script is written to a log file and execu...

CVSS 7.5 | AI score 6.7 | EPSS 0.02344

added 2005/04/14 4:0 a.m., 61 views

CVE-2004-1087

Technical details about CVE-2004-1087 are not publicly available in the provided connected documents. The initial note describes a UI indicator issue on Mac OS X 10.3.6, but no specifics, fixes, or affected versions are given here. Monitor for updates.

CVSS 2.1 | AI score 8.8 | EPSS 0.00353

added 2007/10/20 10:0 a.m., 60 views

CVE-2003-1413

The CVE-2003-1413 entry concerns Apple Darwin Streaming Server 4.1.1, where parse_xml.cgi is vulnerable to a path-based check that leaks file existence information. By supplying a filename parameter containing ".." sequences, an attacker can trigger distinct error messages that allow remote deter...

CVSS 4.3 | AI score 6.7 | EPSS 0.01209

added 2004/09/01 4:0 a.m., 58 views

CVE-2003-0053

CVE-2003-0053 describes an XSS vulnerability in parse_xml.cgi used by Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1. An attacker can supply a crafted filename parameter, which is reflected in an error message, allowing arbitrary script execution in the vi...

CVSS 4.3 | AI score 5.5 | EPSS 0.01817

added 2005/04/14 4:0 a.m., 58 views

CVE-2004-1083

Apache on Apple Mac OS X 10.2.8 and 10.3.6 is affected by a vulnerability arising from case-sensitivity handling: Apache restricts file access in a case-sensitive way while the HFS+ filesystem on Mac is case-insensitive, allowing remote attackers to read .DS_Store and files starting with ".ht" vi...

CVSS 7.5 | AI score 7.3 | EPSS 0.01878

added 2005/04/14 4:0 a.m., 57 views

CVE-2004-1085

The CVE-2004-1085 vulnerability affects Apple Mac OS X 10.3.6 HIToolBox. It allows local users to exit applications via the force-quit key combination, even when the system is running in kiosk mode. The provided documents do not include any exploit details or remediation steps. No broader impact ...

CVSS 2.1 | AI score 8 | EPSS 0.00336

added 2005/04/14 4:0 a.m., 56 views

CVE-2004-1086

Technical details about CVE-2004-1086 are not publicly available in the provided connected documents; no specific affected product versions beyond Mac OS X 10.3.6 are disclosed. Monitor for updates.

CVSS 7.5 | AI score 9.1 | EPSS 0.03372

added 2004/12/05 5:0 a.m., 56 views

CVE-2004-1123

CVE-2004-1123 affects Darwin Streaming Server 5.0.1 (and possibly earlier) where a DESCRIBE request containing a null-byte location may crash the server, causing a denial of service. The vulnerability is remote and unauthenticated, leading to a partial availability impact as noted in the CVSS vec...

CVSS 5 | AI score 9.2 | EPSS 0.01287

added 2005/04/14 4:0 a.m., 55 views

CVE-2004-1081

The CVE-2004-1081 issue affects Apple Mac OS X AppKit in versions 10.2.8 and 10.3.6, where the secure text input field is not properly restricted. This allows local users to read keyboard input from other applications within the same window session, compromising confidentiality (described as PART...

CVSS 2.1 | AI score 7.9 | EPSS 0.00338

added 2005/04/14 4:0 a.m., 54 views

CVE-2004-1088

The Postfix server for Apple Mac OS X 10.3.6 is vulnerable when using CRAM-MD5: remote attackers can send mail without authentication by replaying authentication information. Reported CVSSv2 base score 7.5 (HIGH) with network attack vector and low attack complexity. The provided documents do not specify...

CVSS 7.5 | AI score 8.8 | EPSS 0.01651

added 2005/04/14 4:0 a.m., 52 views

CVE-2004-1084

The CVE-2004-1084 entry describes an Apache on Mac OS X vulnerability affecting versions 10.2.8 and 10.3.6 where remote attackers can read files and resource fork content via HTTP requests to specially named HFS+ data streams, bypassing Apache file handles. The root cause is related to how HFS+ d...

CVSS 5 | AI score 8 | EPSS 0.01644

added 2004/09/01 4:0 a.m., 51 views

CVE-2003-0052

CVE-2003-0052 applies to Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1, where parse_xml.cgi allows remote attackers to list arbitrary directories due to unvalidated input. Public sources (@stake advisory, vendor notices) describe it as a directory-listin...

CVSS 5 | AI score 6.3 | EPSS 0.01362

added 2005/04/14 4:0 a.m., 48 views

CVE-2004-1089

CVE-2004-1089 affects Apple Mac OS X 10.3.6 Server when using Kerberos authentication with Cyrus IMAP. The vulnerability, as described in the initial document, allows local users to access mailboxes of other users, indicating an information disclosure / mailbox access issue arising from the Cyrus...

CVSS 4.6 | AI score 8.2 | EPSS 0.00343