CVE-2003-0053: XSS
First published: Fri Mar 07 2003(Updated: )
Cross-site scripting (XSS) vulnerability in parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to insert arbitrary script via the filename parameter, which is inserted into an error message.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple Quicktime Streaming Server | =4.1.1 | |
| Apple Darwin | =4.1.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2003-0053?
CVE-2003-0053 has a medium severity level due to its potential for exploitation via cross-site scripting.
How do I fix CVE-2003-0053?
To fix CVE-2003-0053, upgrade to the latest versions of Apple Darwin Streaming Administration Server or QuickTime Streaming Server.
What systems are affected by CVE-2003-0053?
CVE-2003-0053 affects Apple Darwin Streaming Administration Server version 4.1.2 and QuickTime Streaming Server version 4.1.1.
What type of vulnerability is CVE-2003-0053?
CVE-2003-0053 is a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary scripts.
What can attackers do with CVE-2003-0053?
Attackers can exploit CVE-2003-0053 to insert malicious scripts into error messages, potentially affecting users' browsers.
- agent/references
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/author
- agent/severity
- agent/last-modified-date
- agent/event
- agent/description
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/apple
- canonical/apple quicktime streaming server
- version/apple quicktime streaming server/4.1.1
- canonical/apple darwin
- version/apple darwin/4.1.2