CVE-2004-0169

3 documents3 sources

Severity

5.0MEDIUM

EPSS

1.9%

top 16.70%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Darwin Streaming Server

Timeline

PublishedMar 15

Latest updateApr 29

Description

QuickTime Streaming Server in MacOS X 10.2.8 and 10.3.2 allows remote attackers to cause a denial of service (crash) via DESCRIBE requests with long User-Agent fields, which causes an Assert error to be triggered in the BufferIsFull function.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDapple/darwin_streaming_server4.1.3

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-3q32-c332-68rh: QuickTime Streaming Server in MacOS X 10↗2022-04-29

▶

CVEList

CVE-2004-0169: QuickTime Streaming Server in MacOS X 10↗2004-09-01

▶