CVE-2003-1414
4.3
CVSS SCORE
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Description
Directory traversal vulnerability in parse_xml.cg Apple Darwin Streaming Server 4.1.2 and Apple Quicktime Streaming Server 4.1.1 allows remote attackers to read arbitrary files via a ... (triple dot) in the filename parameter.
CVSS Vector Details
Attack Vector
Network
Attack Complexity
M
Confidentiality
P
Integrity
None
Availability
None
Affected Software Configurations
- a apple darwin_streaming_server 4.1.2 * * * * * * *
- a apple quicktime_streaming_server 4.1.1 * * * * * * *
Weaknesses (CWE)
- CWE-22
References & External Links
- http://securityreason.com/securityalert/3260
- http://www.securityfocus.com/archive/1/313517
- http://www.securityfocus.com/bid/6990
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11446
- http://securityreason.com/securityalert/3260
- http://www.securityfocus.com/archive/1/313517
- http://www.securityfocus.com/bid/6990
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11446