Vulnerabilities > Apple > Quicktime Streaming Server > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-01-10 | CVE-2004-1123 | Unspecified vulnerability in Apple products Darwin Streaming Server 5.0.1, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash) via a DESCRIBE request with a location that contains a null byte. | 5.0 |
2004-12-02 | CVE-2004-1089 | Remote And Local vulnerability in Apple Mac OS X Unknown vulnerability in Apple Mac OS X 10.3.6 server, when using Kerberos authentication and Cyrus IMAP allows local users to access mailboxes of other users. | 4.6 |
2004-12-02 | CVE-2004-1084 | Remote And Local vulnerability in Apple Mac OS X Apache for Apple Mac OS X 10.2.8 and 10.3.6 allows remote attackers to read files and resource fork content via HTTP requests to certain special file names related to multiple data streams in HFS+, which bypass Apache file handles. | 5.0 |
2003-12-31 | CVE-2003-1414 | Path Traversal vulnerability in Apple products Directory traversal vulnerability in parse_xml.cg Apple Darwin Streaming Server 4.1.2 and Apple Quicktime Streaming Server 4.1.1 allows remote attackers to read arbitrary files via a ... | 4.3 |
2003-12-31 | CVE-2003-1413 | Path Traversal vulnerability in Apple products parse_xml.cgi in Apple Darwin Streaming Server 4.1.1 allows remote attackers to determine the existence of arbitrary files by using ".." sequences in the filename parameter and comparing the resulting error messages. | 4.3 |
2003-03-07 | CVE-2003-0053 | Cross-Site Scripting vulnerability in Apple products Cross-site scripting (XSS) vulnerability in parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to insert arbitrary script via the filename parameter, which is inserted into an error message. network apple | 4.3 |
2003-03-07 | CVE-2003-0052 | Unspecified vulnerability in Apple products parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to list arbitrary directories. | 5.0 |
2003-03-07 | CVE-2003-0051 | Remote Path Disclosure vulnerability in Apple products parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to obtain the physical path of the server's installation path via a NULL file parameter. | 5.0 |