7.5
CVE-2004-1083
- EPSS 1.91%
- Published 03.12.2004 05:00:00
- Last modified 03.04.2025 01:03:51
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
Apache for Apple Mac OS X 10.2.8 and 10.3.6 restricts access to files in a case sensitive manner, but the Apple HFS+ filesystem accesses files in a case insensitive manner, which allows remote attackers to read .DS_Store files and files beginning with ".ht" using alternate capitalization.
Data is provided by the National Vulnerability Database (NVD)
Apple ≫ Darwin Streaming Server Version4.1.3
Apple ≫ Darwin Streaming Server Version5.0.1
Apple ≫ Quicktime Streaming Server Version4.1.1
Apple ≫ macOS X Server Version10.2
Apple ≫ macOS X Server Version10.2.1
Apple ≫ macOS X Server Version10.2.2
Apple ≫ macOS X Server Version10.2.3
Apple ≫ macOS X Server Version10.2.4
Apple ≫ macOS X Server Version10.2.5
Apple ≫ macOS X Server Version10.2.6
Apple ≫ macOS X Server Version10.2.7
Apple ≫ macOS X Server Version10.2.8
Apple ≫ macOS X Server Version10.3
Apple ≫ macOS X Server Version10.3.1
Apple ≫ macOS X Server Version10.3.2
Apple ≫ macOS X Server Version10.3.3
Apple ≫ macOS X Server Version10.3.4
Apple ≫ macOS X Server Version10.3.5
Apple ≫ macOS X Server Version10.3.6
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.91% | 0.816 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
CWE-178 Improper Handling of Case Sensitivity
The product does not properly account for differences in case sensitivity when accessing or determining the properties of a resource, leading to inconsistent results.