CyberSec.Space Logo
Back to CVE Browser

CVE-2003-0502

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1590%
EPSS Percentile12.21th
PublishedAug 27, 2003
Last ModifiedApr 16, 2026

Vulnerability Description

Apple QuickTime / Darwin Streaming Server before 4.1.3g allows remote attackers to cause a denial of service (crash) via a .. (dot dot) sequence followed by an MS-DOS device name (e.g. AUX) in a request to HTTP port 1220, a different vulnerability than CVE-2003-0421.

Affected Platforms (CPE)

πŸ“¦
Apple

Darwin Streaming Server

<= 4.1.3g

References & Advisories

πŸ”— http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0040.html
πŸ”— http://www.rapid7.com/advisories/R7-0015.html
πŸ”— http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0040.html
πŸ”— http://www.rapid7.com/advisories/R7-0015.html

Related Vulnerabilities

CVE-2003-042610.0

The installation of Apple QuickTime / Darwin Streaming Server before 4.1.3f starts the administration server with a "Setup Assista...

CVE-2007-074810.0

Heap-based buffer overflow in Apple Darwin Streaming Proxy, when using Darwin Streaming Server before 5.5.5, allows remote attacke...

CVE-2003-042110.0

Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to cause a denial of service (crash) via an MS-DOS...

CVE-2007-074910.0

Multiple stack-based buffer overflows in the is_command function in proxy.c in Apple Darwin Streaming Proxy, when using Darwin Str...