PT-2003-1335 · Apple · Apple Darwin Streaming Administration Server+1

Dave G

Published

2003-03-07

Updated

2016-10-18

CVE-2003-0050

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Darwin Streaming Administration Server version 4.1.2 QuickTime Streaming Server version 4.1.1

Description The issue allows remote attackers to execute arbitrary code via shell metacharacters in the parse xml.cgi component.

Recommendations For Darwin Streaming Administration Server version 4.1.2, update to a version that fixes the issue with parse xml.cgi. For QuickTime Streaming Server version 4.1.1, update to a version that fixes the issue with parse xml.cgi.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2003-0050

Affected Products

Apple Darwin Streaming Administration Server

Quicktime Streaming Server

PT-2003-1335 · Apple · Apple Darwin Streaming Administration Server+1

CVE-2003-0050

Related Identifiers

Affected Products

References · 7