CVE-2003-1414

Currently unrated

Key Information:

Vendor: Apple
Status: Quicktime Streaming Server; Darwin Streaming Server
Vendor: CVE Published:; 31 December 2003

Summary

Directory traversal vulnerability in parse_xml.cg Apple Darwin Streaming Server 4.1.2 and Apple Quicktime Streaming Server 4.1.1 allows remote attackers to read arbitrary files via a ... (triple dot) in the filename parameter.

References

http://securityreason.com/securityalert/3260

third-party-advisoryx_refsource_SREASON

http://www.securityfocus.com/archive/1/313517

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/bid/6990

vdb-entryx_refsource_BID

Timeline

Vulnerability Reserved
Oct 19, 2007
Vulnerability published
Dec 31, 2003