CVE-2004-1123

3 documents3 sources

Severity

5.0MEDIUM

EPSS

0.8%

top 26.20%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Darwin Streaming Server Apple MAC OS X Apple MAC OS X Server +1 more

Timeline

PublishedJan 10

Latest updateApr 29

Description

Darwin Streaming Server 5.0.1, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash) via a DESCRIBE request with a location that contains a null byte.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages4 packages

▶NVDapple/darwin_streaming_server4.1.3, 5.0.1+1

▶NVDapple/quicktime_streaming_server4.1.1

▶NVDapple/mac_os_x_server16 versions+15

▶NVDapple/mac_os_x16 versions+15

Patches

Patch: www.idefense.com ↗Patch: www.idefense.com ↗

🔴Vulnerability Details

GHSA

GHSA-xhrw-53w4-q6mr: Darwin Streaming Server 5↗2022-04-29

▶

CVEList

CVE-2004-1123: Darwin Streaming Server 5↗2004-12-05

▶