Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0054


Vulnerability Score 7.5 7.5
CVE Id CVE-2003-0054
Last Modified 10 Sep 2008 08:05:27
Published 07 Mar 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute certain code via a request to port 7070 with the script in an argument to the rtsp DESCRIBE method, which is inserted into a log file and executed when the log is viewed using a browser.

Vulnerable Systems


  • Apple Darwin Streaming Server 4.1.2

  • Apple Quicktime Streaming Server 4.1.1


BUGTRAQ - 20030224 QuickTime/Darwin Streaming Administration Server Multiple vulnerabilities

XF - quicktime-darwin-describe-xss(11405)


BID - 6960

Last Updated: 27 May 2016 10:37:46