parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote malicious users to obtain the physical path of the server's installation path via a NULL file parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple quicktime streaming server 4.1.1 |
||
apple darwin streaming server 4.1.2 |