CVE-2003-0502

4 documents4 sources

Severity

10.0CRITICAL

EPSS

1.8%

top 17.18%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Darwin Streaming Server

Timeline

PublishedAug 27

Latest updateApr 29

Description

Apple QuickTime / Darwin Streaming Server before 4.1.3g allows remote attackers to cause a denial of service (crash) via a .. (dot dot) sequence followed by an MS-DOS device name (e.g. AUX) in a request to HTTP port 1220, a different vulnerability than CVE-2003-0421.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDapple/darwin_streaming_server4.1.3g

🔴Vulnerability Details

GHSA

GHSA-7854-5v42-f557: Apple QuickTime / Darwin Streaming Server before 4↗2022-04-29

▶

CVEList

CVE-2003-0502: Apple QuickTime / Darwin Streaming Server before 4↗2003-07-25

▶

💥Exploits & PoCs

Exploit-DB

Microsoft Outlook 2003 - Predictable File Location↗2004-05-10

▶