10

CVE-2007-0749

Multiple stack-based buffer overflows in the is_command function in proxy.c in Apple Darwin Streaming Proxy, when using Darwin Streaming Server before 5.5.5, allow remote attackers to execute arbitrary code via a long (1) cmd or (2) server value in an RTSP request.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AppleDarwin Streaming Server Version4.1.2
AppleDarwin Streaming Server Version5.0.1
AppleDarwin Streaming Server Version5.5.4
AppleDarwin Streaming Server Version4.1.3
   ApplemacOS X Server Version10.2.8
   ApplemacOS X Server Version10.3
   ApplemacOS X Server Version10.3.1
   ApplemacOS X Server Version10.3.2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 6.49% 0.929
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://docs.info.apple.com/article.html?artnum=305495
Patch
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=533
Patch
http://lists.apple.com/archives/Security-announce/2007/May/msg00002.html
Patch
http://secunia.com/advisories/25193
Patch
Vendor Advisory
http://www.securityfocus.com/bid/23918
Patch
http://www.securitytracker.com/id?1018047
http://www.vupen.com/english/advisories/2007/1770
http://osvdb.org/35976
https://exchange.xforce.ibmcloud.com/vulnerabilities/34222