CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2007-0748

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1620%
EPSS Percentile33.12th
Published2007年5月13日
Last Modified2026年4月23日

Vulnerability Description

Heap-based buffer overflow in Apple Darwin Streaming Proxy, when using Darwin Streaming Server before 5.5.5, allows remote attackers to execute arbitrary code via multiple trackID values in a SETUP RTSP request.

Affected Platforms (CPE)

📦
Apple

Darwin Streaming Server

= 4.1.2
📦
Apple

Darwin Streaming Server

= 5.0.1
📦
Apple

Darwin Streaming Server

= 5.5.4
📦
Apple

Darwin Streaming Server

= 4.1.3

References & Advisories

🔗 http://docs.info.apple.com/article.html?artnum=305495
🔗 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=533
🔗 http://lists.apple.com/archives/Security-announce/2007/May/msg00002.html
🔗 http://osvdb.org/35975
🔗 http://secunia.com/advisories/25193
🔗 http://www.securityfocus.com/bid/23918
🔗 http://www.securitytracker.com/id?1018047
🔗 http://www.vupen.com/english/advisories/2007/1770

相關漏洞威脅

CVE-2003-042610.0

The installation of Apple QuickTime / Darwin Streaming Server before 4.1.3f starts the administration server with a "Setup Assista...

CVE-2003-050210.0

Apple QuickTime / Darwin Streaming Server before 4.1.3g allows remote attackers to cause a denial of service (crash) via a .. (dot...

CVE-2003-042110.0

Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to cause a denial of service (crash) via an MS-DOS...

CVE-2007-074910.0

Multiple stack-based buffer overflows in the is_command function in proxy.c in Apple Darwin Streaming Proxy, when using Darwin Str...