CyberSec.Space Logo
Back to CVE Browser

CVE-2007-0749

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0490%
EPSS Percentile7.64th
PublishedMay 13, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

Multiple stack-based buffer overflows in the is_command function in proxy.c in Apple Darwin Streaming Proxy, when using Darwin Streaming Server before 5.5.5, allow remote attackers to execute arbitrary code via a long (1) cmd or (2) server value in an RTSP request.

Affected Platforms (CPE)

πŸ“¦
Apple

Darwin Streaming Server

= 4.1.2
πŸ“¦
Apple

Darwin Streaming Server

= 5.0.1
πŸ“¦
Apple

Darwin Streaming Server

= 5.5.4
πŸ“¦
Apple

Darwin Streaming Server

= 4.1.3

References & Advisories

πŸ”— http://docs.info.apple.com/article.html?artnum=305495
πŸ”— http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=533
πŸ”— http://lists.apple.com/archives/Security-announce/2007/May/msg00002.html
πŸ”— http://osvdb.org/35976
πŸ”— http://secunia.com/advisories/25193
πŸ”— http://www.securityfocus.com/bid/23918
πŸ”— http://www.securitytracker.com/id?1018047
πŸ”— http://www.vupen.com/english/advisories/2007/1770

Related Vulnerabilities

CVE-2003-042610.0

The installation of Apple QuickTime / Darwin Streaming Server before 4.1.3f starts the administration server with a "Setup Assista...

CVE-2003-050210.0

Apple QuickTime / Darwin Streaming Server before 4.1.3g allows remote attackers to cause a denial of service (crash) via a .. (dot...

CVE-2003-042110.0

Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to cause a denial of service (crash) via an MS-DOS...

CVE-2007-074810.0

Heap-based buffer overflow in Apple Darwin Streaming Proxy, when using Darwin Streaming Server before 5.5.5, allows remote attacke...