Vulnerability Details CVE-2003-1414
Directory traversal vulnerability in parse_xml.cg Apple Darwin Streaming Server 4.1.2 and Apple Quicktime Streaming Server 4.1.1 allows remote attackers to read arbitrary files via a ... (triple dot) in the filename parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.027
EPSS Ranking 85.3%
CVSS Severity
CVSS v2 Score 4.3
References
- http://securityreason.com/securityalert/3260
- http://www.securityfocus.com/archive/1/313517
- http://www.securityfocus.com/bid/6990
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11446
- http://securityreason.com/securityalert/3260
- http://www.securityfocus.com/archive/1/313517
- http://www.securityfocus.com/bid/6990
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11446
Products affected by CVE-2003-1414
-
cpe:2.3:a:apple:darwin_streaming_server:4.1.2
-
cpe:2.3:a:apple:quicktime_streaming_server:4.1.1