CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2003-0422
https://notcve.org/view.php?id=CVE-2003-0422
Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to cause a denial of service (crash) via a request to view_broadcast.cgi that does not contain the required parameters. Apple QuickTime / Darwin Streaming Server anteriores a 4.1.3f permite a atacantes remotos causar una denegación de servicio (caída) mediante una petición a view_broadcast.cgi que no contengan los parámetro requeridos. • http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0040.html http://www.rapid7.com/advisories/R7-0015.html •
CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 1CVE-2003-0424
https://notcve.org/view.php?id=CVE-2003-0424
Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to obtain the source code for scripts by appending encoded space (%20) or . (%2e) characters to an HTTP request for the script, e.g. view_broadcast.cgi. Apple Quicktime / Darwin Streamin Server anteriores a 4.1.3f permite a atacantes remotos obtener el código fuente de scritps añadiendo a las peticiones al peticiones HTTP al mismo caractéres espacio (%20) o punto (%2e), por ejemplo a view_broadcast.cgi. • http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0040.html http://www.rapid7.com/advisories/R7-0015.html •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2003-0052
https://notcve.org/view.php?id=CVE-2003-0052
parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to list arbitrary directories. parse_xml.cgi en Apple Darwin Streaming Administration Server 4.1.2 y QuickTime Streaming Server 4.1.1 permite a atacantes remotos realizar un listado arbitrario de directorios. • http://lists.apple.com/archives/security-announce/2003/Feb/25/applesa20030225macosx102.txt http://marc.info/?l=bugtraq&m=104618904330226&w=2 http://www.iss.net/security_center/static/11403.php http://www.securityfocus.com/bid/6955 •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2003-0051
https://notcve.org/view.php?id=CVE-2003-0051
parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to obtain the physical path of the server's installation path via a NULL file parameter. parse_xml.cgi en Apple Darwin Streaming Administration Server 4.1.2 y QuickTime Streaming Server 4.1.1 permite a atacantes remotos obtener la ruta de instalación del servidor mediante un parámetro file igual a NULL. • http://lists.apple.com/archives/security-announce/2003/Feb/25/applesa20030225macosx102.txt http://marc.info/?l=bugtraq&m=104618904330226&w=2 http://www.iss.net/security_center/static/11402.php http://www.securityfocus.com/bid/6956 •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2003-0053
https://notcve.org/view.php?id=CVE-2003-0053
Cross-site scripting (XSS) vulnerability in parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to insert arbitrary script via the filename parameter, which is inserted into an error message. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en parse_xml.cgi de Apple Darwin Streaming Administration Server 4.1.2 y QuickTime Streaming Server 4.1.1 permite a atacantes remotos la inserción de código arbitrario mediante el parámetro filename, insertado a través de un mensaje de error. • http://lists.apple.com/archives/security-announce/2003/Feb/25/applesa20030225macosx102.txt http://marc.info/?l=bugtraq&m=104618904330226&w=2 http://www.iss.net/security_center/static/11404.php http://www.securityfocus.com/bid/6958 •