Apple QuickTime / Darwin Streaming Server prior to 4.1.3f allows remote malicious users to obtain the source code for scripts by appending encoded space (%20) or . (%2e) characters to an HTTP request for the script, e.g. view_broadcast.cgi.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple darwin streaming server 4.1.3 |