CVE-2004-1084

3 documents3 sources

Severity

5.0MEDIUM

EPSS

0.5%

top 33.28%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Darwin Streaming Server Apple MAC OS X Apple MAC OS X Server +1 more

Timeline

PublishedDec 2

Latest updateApr 29

Description

Apache for Apple Mac OS X 10.2.8 and 10.3.6 allows remote attackers to read files and resource fork content via HTTP requests to certain special file names related to multiple data streams in HFS+, which bypass Apache file handles.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages4 packages

▶NVDapple/mac_os_x16 versions+15

▶NVDapple/mac_os_x_server16 versions+15

▶NVDapple/darwin_streaming_server4.1.3, 5.0.1+1

▶NVDapple/quicktime_streaming_server4.1.1

Patches

Patch: lists.apple.com ↗Patch: secunia.com ↗Patch: www.ciac.org ↗

🔴Vulnerability Details

GHSA

GHSA-v596-vjc3-278x: Apache for Apple Mac OS X 10↗2022-04-29

▶

CVEList

CVE-2004-1084: Apache for Apple Mac OS X 10↗2005-04-14

▶