CVE-2007-0748

3 documents3 sources

Severity

10.0CRITICAL

EPSS

20.3%

top 4.48%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Darwin Streaming Server

Timeline

PublishedMay 13

Latest updateMay 1

Description

Heap-based buffer overflow in Apple Darwin Streaming Proxy, when using Darwin Streaming Server before 5.5.5, allows remote attackers to execute arbitrary code via multiple trackID values in a SETUP RTSP request.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDapple/darwin_streaming_server4 versions+3

Patches

Patch: docs.info.apple.com ↗Patch: labs.idefense.com ↗Patch: secunia.com ↗

🔴Vulnerability Details

GHSA

GHSA-gh24-rhjp-h83v: Heap-based buffer overflow in Apple Darwin Streaming Proxy, when using Darwin Streaming Server before 5↗2022-05-01

▶

CVEList

CVE-2007-0748: Heap-based buffer overflow in Apple Darwin Streaming Proxy, when using Darwin Streaming Server before 5↗2007-05-13

▶