CVE-2003-1414
- EPSS 2.66%
- Published 31.12.2003 05:00:00
- Last modified 03.04.2025 01:03:51
Directory traversal vulnerability in parse_xml.cg Apple Darwin Streaming Server 4.1.2 and Apple Quicktime Streaming Server 4.1.1 allows remote attackers to read arbitrary files via a ... (triple dot) in the filename parameter.
CVE-2003-0050
- EPSS 87.79%
- Published 07.03.2003 05:00:00
- Last modified 03.04.2025 01:03:51
parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute arbitrary code via shell metacharacters.
- EPSS 0.49%
- Published 07.03.2003 05:00:00
- Last modified 03.04.2025 01:03:51
parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to obtain the physical path of the server's installation path via a NULL file parameter.
- EPSS 0.76%
- Published 07.03.2003 05:00:00
- Last modified 03.04.2025 01:03:51
parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to list arbitrary directories.
CVE-2003-0053
- EPSS 0.48%
- Published 07.03.2003 05:00:00
- Last modified 03.04.2025 01:03:51
Cross-site scripting (XSS) vulnerability in parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to insert arbitrary script via the filename parameter, which is inserted into...
CVE-2003-0054
- EPSS 0.79%
- Published 07.03.2003 05:00:00
- Last modified 03.04.2025 01:03:51
Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute certain code via a request to port 7070 with the script in an argument to the rtsp DESCRIBE method, which is inserted into a lo...