CVE-2003-0425 — Path Traversal in Apple Darwin Streaming Server

3 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

1.9%

top 16.96%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Darwin Streaming Server

Timeline

PublishedAug 27

Latest updateApr 29

Description

Directory traversal vulnerability in Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to read arbitrary files via a ... (triple dot) in an HTTP request.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDapple/darwin_streaming_server4.1.3

🔴Vulnerability Details

GHSA

GHSA-74c6-q6wh-qj3x: Directory traversal vulnerability in Apple QuickTime / Darwin Streaming Server before 4↗2022-04-29

▶

CVEList

CVE-2003-0425: Directory traversal vulnerability in Apple QuickTime / Darwin Streaming Server before 4↗2003-07-25

▶