CVE-2004-1084

CVE Database · CVE-2004-1084

CVE-2004-1084

· N/AModified

CVSS v3.1

N/A

EPSS

1.64%

Published

Dec 2, 2004

Modified

Apr 15, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Apache for Apple Mac OS X 10.2.8 and 10.3.6 allows remote attackers to read files and resource fork content via HTTP requests to certain special file names related to multiple data streams in HFS+, which bypass Apache file handles.

Affected Products (35)

apple · darwin_streaming_servervulnerable

apple · quicktime_streaming_servervulnerable

apple · mac_os_xvulnerable

References (14)

http://lists.apple.com/archives/security-announce/2004/Dec/msg00000.html

PatchVendor Advisory

http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html

http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html

http://secunia.com/advisories/13362/

PatchVendor Advisory

http://www.ciac.org/ciac/bulletins/p-049.shtml

PatchVendor Advisory

http://www.securityfocus.com/bid/11802

https://exchange.xforce.ibmcloud.com/vulnerabilities/18349

http://lists.apple.com/archives/security-announce/2004/Dec/msg00000.html

KEV Catalog EPSS Scores Vendors All CVEs