Ollie Whitehouse

**Name of the Vulnerable Software and Affected Versions** McAfee WebShield versions 4.5 MR2 and earlier **Description** The issue is related to a format string vulnerability in the SMTP server. This vulnerability allows remote attackers to execute arbitrary code via format strings in the domain name portion of a destination address. The vulnerability occurs because these format strings are not properly handled when a bounce message is constructed. **Recommendations** For McAfee WebShield versions 4.5 MR2 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Microsoft Office versions 2000 SP3 through XP SP3 Description: A remote code execution issue exists, allowing attackers to execute arbitrary code via a specially crafted routing slip within an Office document. This could enable an attacker to take complete control of the affected system. The issue has been exploited by malware in attacks against PowerPoint. Recommendations: For Microsoft Office versions 2000 SP3 through XP SP3, consider disabling the routing slip feature until a patch is available to prevent exploitation. Restrict access to Office documents from untrusted sources to minimize the risk of remote code execution.

**Name of the Vulnerable Software and Affected Versions** Darwin Streaming Administration Server version 4.1.2 QuickTime Streaming Server version 4.1.1 **Description** A cross-site scripting issue allows remote attackers to insert arbitrary script via the `filename` parameter, which is inserted into an error message. This occurs in the `parse xml.cgi` component. **Recommendations** For Darwin Streaming Administration Server version 4.1.2, avoid using the `filename` parameter in the affected API endpoint until the issue is resolved. For QuickTime Streaming Server version 4.1.1, restrict access to the `parse xml.cgi` component to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Apple Darwin Streaming Administration Server version 4.1.2 Apple QuickTime Streaming Server version 4.1.1 **Description** The issue allows remote attackers to obtain the physical path of the server's installation path. This is achieved through the `parse xml.cgi` component when a NULL file parameter is provided. **Recommendations** For Apple Darwin Streaming Administration Server version 4.1.2, update to a newer version that contains a fix for this issue. For Apple QuickTime Streaming Server version 4.1.1, update to a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Apple Darwin Streaming Administration Server version 4.1.2 Apple QuickTime Streaming Server version 4.1.1 **Description** The issue is related to a buffer overflow in the MP3 broadcasting module, which allows remote attackers to execute arbitrary code via a long filename. **Recommendations** For Apple Darwin Streaming Administration Server version 4.1.2, update to a version that fixes the buffer overflow issue in the MP3 broadcasting module. For Apple QuickTime Streaming Server version 4.1.1, update to a version that fixes the buffer overflow issue in the MP3 broadcasting module.

**Name of the Vulnerable Software and Affected Versions** Apple Darwin Streaming Administration Server version 4.1.2 Apple QuickTime Streaming Server version 4.1.1 **Description** The issue allows remote attackers to execute certain code via a request to port 7070 with the script in an argument to the `rtsp` `DESCRIBE` method. This script is inserted into a log file and executed when the log is viewed using a browser. **Recommendations** For Apple Darwin Streaming Administration Server version 4.1.2, consider restricting access to port 7070 to minimize the risk of exploitation. For Apple QuickTime Streaming Server version 4.1.1, avoid using the `rtsp` `DESCRIBE` method with untrusted input until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Darwin Streaming Administration Server version 4.1.2 QuickTime Streaming Server version 4.1.1 **Description** The issue allows remote attackers to list arbitrary directories via the parse xml.cgi script. **Recommendations** For Darwin Streaming Administration Server version 4.1.2, update to a version that fixes this issue. For QuickTime Streaming Server version 4.1.1, update to a version that fixes this issue.