VAR-200312-0193
Vulnerability from variot - Updated: 2023-12-18 11:19Integer overflow in MP3Broadcaster for Apple QuickTime/Darwin Streaming Server 4.1.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via malformed ID3 tags in MP3 files. Apple's QuickTime and Darwin Streaming Server (DSS) package includes a utility called MP3Broadcaster. This utility contains an integer overflow which may be exploited to cause a denial of service. MP3Broadcaster has been reported prone to a vulnerability when processing malicious ID3 tags. This is likely due to insufficient sanity checks performed when handling signed integer values contained within MP3 file ID3 tags. MP3Broadcaster is an MP3 broadcasting program included in the Darwin streaming service program. MP3Broadcaster does not correctly process the ID3 tag. Remote attackers can use this vulnerability to construct malicious MP3 files, trigger integer-based buffer overflows, and perform denial-of-service attacks on service programs. Malicious MP3 files can cause MP3Broadcaster to segfault
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200312-0193",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": "quicktime broadcaster",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "4.1.3"
},
{
"model": "quicktime mp3 broadcaster",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#148564"
},
{
"db": "BID",
"id": "7660"
},
{
"db": "CNNVD",
"id": "CNNVD-200312-258"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime_broadcaster:4.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-1091"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sir Mordred\u203b sir.mordred@hushmail.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200312-258"
}
],
"trust": 0.6
},
"cve": "CVE-2003-1091",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-7916",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2003-1091",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#148564",
"trust": 0.8,
"value": "4.69"
},
{
"author": "CNNVD",
"id": "CNNVD-200312-258",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-7916",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#148564"
},
{
"db": "VULHUB",
"id": "VHN-7916"
},
{
"db": "NVD",
"id": "CVE-2003-1091"
},
{
"db": "CNNVD",
"id": "CNNVD-200312-258"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Integer overflow in MP3Broadcaster for Apple QuickTime/Darwin Streaming Server 4.1.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via malformed ID3 tags in MP3 files. Apple\u0027s QuickTime and Darwin Streaming Server (DSS) package includes a utility called MP3Broadcaster. This utility contains an integer overflow which may be exploited to cause a denial of service. \nMP3Broadcaster has been reported prone to a vulnerability when processing malicious ID3 tags. This is likely due to insufficient sanity checks performed when handling signed integer values contained within MP3 file ID3 tags. MP3Broadcaster is an MP3 broadcasting program included in the Darwin streaming service program. MP3Broadcaster does not correctly process the ID3 tag. Remote attackers can use this vulnerability to construct malicious MP3 files, trigger integer-based buffer overflows, and perform denial-of-service attacks on service programs. Malicious MP3 files can cause MP3Broadcaster to segfault",
"sources": [
{
"db": "NVD",
"id": "CVE-2003-1091"
},
{
"db": "CERT/CC",
"id": "VU#148564"
},
{
"db": "BID",
"id": "7660"
},
{
"db": "VULHUB",
"id": "VHN-7916"
}
],
"trust": 1.98
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-7916",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-7916"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "7660",
"trust": 2.8
},
{
"db": "CERT/CC",
"id": "VU#148564",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1006822",
"trust": 2.5
},
{
"db": "NVD",
"id": "CVE-2003-1091",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200312-258",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "4873",
"trust": 0.6
},
{
"db": "XF",
"id": "3",
"trust": 0.6
},
{
"db": "XF",
"id": "12054",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030522 QUICKTIME/DARWIN STREAMING SERVER SECURITY ISSUES",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-76429",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "22630",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-7916",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#148564"
},
{
"db": "VULHUB",
"id": "VHN-7916"
},
{
"db": "BID",
"id": "7660"
},
{
"db": "NVD",
"id": "CVE-2003-1091"
},
{
"db": "CNNVD",
"id": "CNNVD-200312-258"
}
]
},
"id": "VAR-200312-0193",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-7916"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:19:39.694000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-1091"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/7660"
},
{
"trust": 2.0,
"url": "http://www.kb.cert.org/vuls/id/148564"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-05/0245.html"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1006822"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12054"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2003/may/1006822.html"
},
{
"trust": 0.8,
"url": "http://www.iss.net/security_center/static/12054.php"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/12054"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/4873"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#148564"
},
{
"db": "VULHUB",
"id": "VHN-7916"
},
{
"db": "BID",
"id": "7660"
},
{
"db": "NVD",
"id": "CVE-2003-1091"
},
{
"db": "CNNVD",
"id": "CNNVD-200312-258"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#148564"
},
{
"db": "VULHUB",
"id": "VHN-7916"
},
{
"db": "BID",
"id": "7660"
},
{
"db": "NVD",
"id": "CVE-2003-1091"
},
{
"db": "CNNVD",
"id": "CNNVD-200312-258"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-12-23T00:00:00",
"db": "CERT/CC",
"id": "VU#148564"
},
{
"date": "2003-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-7916"
},
{
"date": "2003-05-22T00:00:00",
"db": "BID",
"id": "7660"
},
{
"date": "2003-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2003-1091"
},
{
"date": "2003-05-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200312-258"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-12-23T00:00:00",
"db": "CERT/CC",
"id": "VU#148564"
},
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-7916"
},
{
"date": "2003-05-22T00:00:00",
"db": "BID",
"id": "7660"
},
{
"date": "2017-07-11T01:29:44.010000",
"db": "NVD",
"id": "CVE-2003-1091"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200312-258"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200312-258"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple QuickTime/Darwin Streaming Server integer overflow in MP3Broadcaster utility",
"sources": [
{
"db": "CERT/CC",
"id": "VU#148564"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "7660"
},
{
"db": "CNNVD",
"id": "CNNVD-200312-258"
}
],
"trust": 0.9
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…