The vulnerability in the `QuickTimeVideo::userDataDecoder` function of the `quicktimevideo.cpp` file in the library and command-line utilities for managing image metadata with the Exiv2 library allows a hacker to execute arbitrary code.

The vulnerability of the QuickTimeVideo::userDataDecoder function in the quicktimevideo.cpp file of the Exiv2 image metadata management library and command-line utilities is related to pointer aliasing errors. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

ROS-20221009-01

A vulnerability in the Exiv2 image metadata management library and command-line utility is related to the QuickTimeVideo::userDataDecoder function of the quicktimevideo.cpp file of the QuickTime Video Handler component. Exploitation of the vulnerability could allow an attacker acting remotely to...

CVE-2022-3757

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...

CVE-2022-3755

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...

CVE-2022-3756

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...

CVE-2022-3718

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...

CVE-2022-3719

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...

PT-2022-5397 · Exiv2 +1 · Exiv2 +1

Name of the Vulnerable Software and Affected Versions: Exiv2 affected versions not specified Description: The issue is related to a heap-based buffer overflow in the QuickTimeVideo::userDataDecoder function of the quicktimevideo.cpp file in the Exiv2 library. This can be exploited by a remote...

PT-2022-5400 · Exiv2 +1 · Exiv2 +1

Name of the Vulnerable Software and Affected Versions: Exiv2 affected versions not specified Description: The issue is related to a buffer overflow in the QuickTimeVideo::decodeBlock function of the quicktimevideo.cpp file in the Exiv2 library, which can be exploited by a remote attacker to execu...

PT-2022-5395 · Exiv2 +1 · Exiv2 +1

Name of the Vulnerable Software and Affected Versions: Exiv2 affected versions not specified Description: The issue is related to the QuickTimeVideo::userDataDecoder function in the quicktimevideo.cpp file of the Exiv2 library, which is used for managing image metadata. It is associated with null...

PT-2022-5398 · Exiv2 +1 · Exiv2 +1

Name of the Vulnerable Software and Affected Versions: Exiv2 affected versions not specified Description: The issue is related to the function QuickTimeVideo::decodeBlock of the file quicktimevideo.cpp in the QuickTime Video Handler component of the Exiv2 library and command-line utility for...

PT-2022-5396 · Exiv2 +1 · Exiv2 +1

Name of the Vulnerable Software and Affected Versions: Exiv2 affected versions not specified Description: The issue is related to an integer overflow in the QuickTimeVideo::userDataDecoder function of the quicktimevideo.cpp file in the QuickTime Video Handler component. This can be exploited...

CVE-2022-2122

A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the qt demuxer when processing a specially crafted QuickTime/MP4 file using zlib decompression. This vulnerability can result in application crash, memory corruption, and code execution...

PT-2022-37222 · Exiv2 · Exiv2

Name of the Vulnerable Software and Affected Versions: Exiv2 affected versions not specified Description: The issue is related to a heap-buffer-overflow read error. Technical details indicate that the crash occurs in the Exiv2::QuickTimeVideo::previewTagDecoder and Exiv2::QuickTimeVideo::tagDecod...

The vulnerability of the Apple QuickTime multimedia package, which allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the Apple QuickTime multimedia package is related to buffer overflow. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure...

OESA-2022-1736 gstreamer1-plugins-good security update

GStreamer is a streaming media framework, based on graphs of filters which operate on media data. Applications using this library can do anything from real-time sound processing to playing videos, and just about anything else media-related. Its plugin-based architecture means that new data types ...

Apple macOS Big Sur 访问控制错误漏洞

Apple macOS Big Sur is a mobile application app from Apple USA. An Access Control Error vulnerability exists in Apple macOS Big Sur prior to version 11.6.5, which stems from improper access restrictions in QuickTime Player on the system. An attacker can write a malicious plugin to exploit the...

The vulnerability of the Adobe Media Encoder application, related to reading beyond the buffer in memory, allows attackers to escalate their privileges and gain unauthorized access to protected information.

The vulnerability of the Adobe Media Encoder application relates to reading data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to enhance their privileges and gain unauthorized access to protected information through a specially created MOV file...

Mageia: Security Advisory (MGASA-2016-0221)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the professional video editing software Adobe Premiere Pro, related to the use of memory after it is released, allows attackers to enhance their privileges and gain unauthorized access to protected information.

The vulnerability of the professional video editing software Adobe Premiere Pro lies in the use of memory after it is released. Exploiting this vulnerability can allow an attacker to enhance their privileges and gain unauthorized access to protected information through a specially created MOV fil...