CVE-2003-0053

Currently unrated

Key Information:

Vendor: Apple
Status: Quicktime Streaming Server; Darwin Streaming Server
Vendor: CVE Published:; 7 March 2003

Summary

Cross-site scripting (XSS) vulnerability in parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to insert arbitrary script via the filename parameter, which is inserted into an error message.

References

http://lists.apple.com/archives/security-announce/2003/Fe...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/6958

vdb-entryx_refsource_BID

http://www.iss.net/security_center/static/11404.php

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Mar 7, 2003
Vulnerability Reserved
Jan 28, 2003