CVE-2003-0053

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2003-0053
Cross-site scripting (XSS) vulnerability in parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to insert arbitrary script via the filename parameter, which is inserted into an error message.

4.3 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References
Link Resource
http://www.iss.net/security_center/static/11404.php Vendor Advisory
http://lists.apple.com/archives/security-announce/2003/Feb/25/applesa20030225macosx102.txt
http://www.securityfocus.com/bid/6958
http://marc.info/?l=bugtraq&m=104618904330226&w=2
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apple:darwin_streaming_server:4.1.2:*:*:*:*:*:*:*
cpe:2.3:a:apple:quicktime_streaming_server:4.1.1:*:*:*:*:*:*:*
Information

Published : 2003-03-06 21:00

Updated : 2016-10-17 19:28

NVD link : CVE-2003-0053

Mitre link : CVE-2003-0053

JSON object : View

CWE
NVD-CWE-Other
Advertisement

dedicated server usa
Products Affected

apple

  • darwin_streaming_server
  • quicktime_streaming_server