Apple Darwin Streaming Server — known CVE vulnerabilities
Every CVE whose affected-product data names Apple Darwin Streaming Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (27)
CVE-2003-0421 — CVSS 10.0 (critical): Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to cause a denial of service (crash) via an MS-DOS device…
CVE-2003-0426 — CVSS 10.0 (critical): The installation of Apple QuickTime / Darwin Streaming Server before 4.1.3f starts the administration server with a "Setup Assistant" page…
CVE-2007-0748 — CVSS 10.0 (critical): Heap-based buffer overflow in Apple Darwin Streaming Proxy, when using Darwin Streaming Server before 5.5.5, allows remote attackers to…
CVE-2003-0502 — CVSS 10.0 (critical): Apple QuickTime / Darwin Streaming Server before 4.1.3g allows remote attackers to cause a denial of service (crash) via a .. (dot dot)…
CVE-2007-0749 — CVSS 10.0 (critical): Multiple stack-based buffer overflows in the is_command function in proxy.c in Apple Darwin Streaming Proxy, when using Darwin Streaming…
CVE-2003-0050 — CVSS 7.5 (high): parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute…
CVE-2003-0054 — CVSS 7.5 (high): Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute certain code via…
CVE-2004-1083 — CVSS 7.5 (high): Apache for Apple Mac OS X 10.2.8 and 10.3.6 restricts access to files in a case sensitive manner, but the Apple HFS+ filesystem accesses…
CVE-2004-1086 — CVSS 7.5 (high): Buffer overflow in PSNormalizer for Apple Mac OS X 10.3.6 allows remote attackers to execute arbitrary code via a crafted PostScript input…
CVE-2004-1088 — CVSS 7.5 (high): Postfix server for Apple Mac OS X 10.3.6, when using CRAM-MD5, allows remote attackers to send mail without authentication by replaying…
CVE-2003-0422 — CVSS 5.0 (medium): Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to cause a denial of service (crash) via a request to…
CVE-2004-1084 — CVSS 5.0 (medium): Apache for Apple Mac OS X 10.2.8 and 10.3.6 allows remote attackers to read files and resource fork content via HTTP requests to certain…
CVE-2003-0052 — CVSS 5.0 (medium): parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to list…
CVE-2003-0051 — CVSS 5.0 (medium): parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to obtain…
CVE-2004-1123 — CVSS 5.0 (medium): Darwin Streaming Server 5.0.1, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash) via a…
CVE-2003-0423 — CVSS 5.0 (medium): parse_xml.cgi in Apple QuickTime / Darwin Streaming Server before 4.1.3g allows remote attackers to obtain the source code for parseable…
CVE-2003-0424 — CVSS 5.0 (medium): Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to obtain the source code for scripts by appending encoded…
CVE-2003-0425 — CVSS 5.0 (medium): Directory traversal vulnerability in Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to read arbitrary…
CVE-2004-0169 — CVSS 5.0 (medium): QuickTime Streaming Server in MacOS X 10.2.8 and 10.3.2 allows remote attackers to cause a denial of service (crash) via DESCRIBE requests…
CVE-2005-2195 — CVSS 5.0 (medium): Apple Darwin Streaming Server 5.5 and earlier allows remote attackers to cause a denial of service (application crash) via a URL with a…
CVE-2004-1089 — CVSS 4.6 (medium): Unknown vulnerability in Apple Mac OS X 10.3.6 server, when using Kerberos authentication and Cyrus IMAP allows local users to access…
CVE-2003-1413 — CVSS 4.3 (medium): parse_xml.cgi in Apple Darwin Streaming Server 4.1.1 allows remote attackers to determine the existence of arbitrary files by using ".."…
CVE-2003-1414 — CVSS 4.3 (medium): Directory traversal vulnerability in parse_xml.cg Apple Darwin Streaming Server 4.1.2 and Apple Quicktime Streaming Server 4.1.1 allows…
CVE-2003-0053 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming…
CVE-2004-1085 — CVSS 2.1 (low): Human Interface Toolbox (HIToolBox) for Apple Mac 0S X 10.3.6 allows local users to exit applications via the force-quit key combination…
CVE-2004-1081 — CVSS 2.1 (low): The Application Framework (AppKit) for Apple Mac OS X 10.2.8 and 10.3.6 does not properly restrict access to a secure text input field…
CVE-2004-1087 — CVSS 2.1 (low): Terminal for Apple Mac OS X 10.3.6 may indicate that "Secure Keyboard Entry" is enabled even when it is not, which could result in a false…