Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote malicious users to execute certain code via a request to port 7070 with the script in an argument to the rtsp DESCRIBE method, which is inserted into a log file and executed when the log is viewed using a browser.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple darwin streaming server 4.1.2 |
||
apple quicktime streaming server 4.1.1 |