Darwin Streaming Server 5.0.1, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash) via a DESCRIBE request with a location that contains a null byte.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Darwin_streaming_server | Apple | 4.1.3 (including) | 4.1.3 (including) |
Darwin_streaming_server | Apple | 5.0.1 (including) | 5.0.1 (including) |
Quicktime_streaming_server | Apple | 4.1.1 (including) | 4.1.1 (including) |