Directory Traversal Vulnerability in Apple QuickTime and Darwin Streaming Server
CVE-2003-0425

Currently unrated

Key Information:

Vendor: Apple
Status: Darwin Streaming Server
Vendor: CVE Published:; 27 August 2003

Summary

A directory traversal vulnerability exists in Apple QuickTime and Darwin Streaming Server, which allows remote attackers to manipulate HTTP requests and gain access to arbitrary files on the server. By using a crafted request with specific URL encoding (notably the triple dot sequence), an attacker can bypass security restrictions, potentially exposing sensitive information stored on the server. It is crucial for users and administrators to apply relevant updates to mitigate this risk effectively.

References

http://archives.neohapsis.com/archives/vulnwatch/2003-q3/...

mailing-listx_refsource_VULNWATCH

http://www.rapid7.com/advisories/R7-0015.html

x_refsource_MISC

Timeline

Vulnerability published
Aug 27, 2003
Vulnerability Reserved
Jun 11, 2003