CVE-2005-2195

5 documents4 sources

Severity

5.0MEDIUM

EPSS

0.8%

top 26.60%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Darwin Streaming Server

Timeline

PublishedJul 18

Latest updateMay 1

Description

Apple Darwin Streaming Server 5.5 and earlier allows remote attackers to cause a denial of service (application crash) via a URL with a filename containing a .cgi extension and an MS-DOS device name such as AUX, CON, PRN, COM1, or LPT1, a different vulnerability than CVE-2003-0421 and CVE-2003-0502.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDapple/darwin_streaming_server5.5

Patches

Patch: secway.org ↗Patch: secway.org ↗

🔴Vulnerability Details

GHSA

GHSA-9g7g-grc6-f65g: Apple Darwin Streaming Server 5↗2022-05-01

▶

CVEList

CVE-2005-2195: Apple Darwin Streaming Server 5↗2005-07-17

▶

💥Exploits & PoCs

Exploit-DB

Veritas NetBackup 4/5 - Volume Manager Daemon Remote Buffer Overflow↗2006-01-16

▶

Exploit-DB

RealNetworks RealPlayer 10 - '.smil' Local Buffer Overflow↗2005-03-07

▶