PT-2003-2046 · Apple · Apple Quicktime/Darwin Streaming Server

Sir Mordred

Publicado

2003-12-31

Atualizado

2017-07-11

CVE-2003-1091

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Apple QuickTime/Darwin Streaming Server version 4.1.3

Description The issue is related to an integer overflow in MP3Broadcaster, which can be triggered by remote attackers sending malformed ID3 tags in MP3 files. This can cause a denial of service (crash) and potentially allow the execution of arbitrary code.

Recommendations For Apple QuickTime/Darwin Streaming Server version 4.1.3, consider updating to a newer version that addresses this issue, as no specific workaround is provided for this version.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2003-1091

Produtos afetados

Apple Quicktime/Darwin Streaming Server

PT-2003-2046 · Apple · Apple Quicktime/Darwin Streaming Server

CVE-2003-1091

Identificadores relacionados

Produtos afetados

Referências · 7