CVE-2003-1414
- EPSS 4.46%
- Veröffentlicht 31.12.2003 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:04:23
Directory traversal vulnerability in parse_xml.cg Apple Darwin Streaming Server 4.1.2 and Apple Quicktime Streaming Server 4.1.1 allows remote attackers to read arbitrary files via a ... (triple dot) in the filename parameter.
CVE-2003-0050
- EPSS 68.86%
- Veröffentlicht 07.03.2003 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:01:25
parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute arbitrary code via shell metacharacters.
- EPSS 2.06%
- Veröffentlicht 07.03.2003 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:01:25
parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to obtain the physical path of the server's installation path via a NULL file parameter.
- EPSS 1.36%
- Veröffentlicht 07.03.2003 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:01:25
parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to list arbitrary directories.
CVE-2003-0053
- EPSS 1.82%
- Veröffentlicht 07.03.2003 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:01:25
Cross-site scripting (XSS) vulnerability in parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to insert arbitrary script via the filename parameter, which is inserted into...
CVE-2003-0054
- EPSS 2.34%
- Veröffentlicht 07.03.2003 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:01:25
Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute certain code via a request to port 7070 with the script in an argument to the rtsp DESCRIBE method, which is inserted into a lo...