Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0050

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2003-0050
Last Modified 10 Sep 2008 08:05:26
Published 07 Mar 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0050

Summary

parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute arbitrary code via shell metacharacters.

Vulnerable Systems

Application

  • Apple Darwin Streaming Server 4.1.2

  • Apple Quicktime Streaming Server 4.1.1


References

BUGTRAQ - 20030224 QuickTime/Darwin Streaming Administration Server Multiple vulnerabilities

XF - quicktime-darwin-command-execution(11401)

CONFIRM - http://lists.apple.com/archives/security-announce/2003/Feb/25/applesa20030225macosx102.txt

BID - 6954


Last Updated: 27 May 2016 10:37:46