CVE-2003-1413
Severity
4.3MEDIUM
EPSS
0.3%
top 49.85%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedDec 31
Latest updateApr 29
Description
parse_xml.cgi in Apple Darwin Streaming Server 4.1.1 allows remote attackers to determine the existence of arbitrary files by using ".." sequences in the filename parameter and comparing the resulting error messages.
CVSS vector
AV:N/AC:M/C:N/I:N/A:PExploitability: 8.6 | Impact: 2.9