CVE-2017-2218

Untrusted search path vulnerability in Installer of QuickTime for Windows allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...

Installer of QuickTime for Windows may insecurely load Dynamic Link Libraries

Overview Installer of QuickTime for Windows contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Yuji Tounai of NTT Communications Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information...

JVN#94771799: Installer of QuickTime for Windows may insecurely load Dynamic Link Libraries

Installer of QuickTime for Windows contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege of the user invoking the installer. Solution Do not use Installer of QuickTime for Windows T...

UBUNTU-CVE-2017-9126

The quicktimereaddreftable function in dref.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service heap-based buffer overflow and application crash via a crafted mp4 file...

CVE-2017-9127

The quicktimeuseratomsreadatom function in useratoms.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service heap-based buffer overflow and application crash via a crafted mp4 file...

DEBIAN-CVE-2017-9125

The lqtframeduration function in lqtquicktime.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted mp4 file...

CVE-2017-9122

The quicktimereadmoov function in moov.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service infinite loop and CPU consumption via a crafted mp4 file...

CVE-2017-9126

The quicktimereaddreftable function in dref.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service heap-based buffer overflow and application crash via a crafted mp4 file...

DEBIAN-CVE-2017-9122

The quicktimereadmoov function in moov.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service infinite loop and CPU consumption via a crafted mp4 file...

CVE-2017-9122

CVE-2017-9122 affects libquicktime 1.2.4, where quicktime_read_moov in moov.c can be triggered by a crafted MP4 to cause a denial of service (infinite loop/CPU exhaustion). The issue is addressed across multiple advisories (Ubuntu USN-4545-1, Debian DLA-1042-1, openSUSE openSUSE-2017-785, Mageia ...

libquicktime Denial of Service Vulnerability (CNVD-2017-11753)

libquicktime is a library for reading and writing files in quicktime, avi and mp4 formats. A security vulnerability exists in the 'quicktimevideowidth' function of the lqtquicktime.c file in libquicktime version 1.2.4. A remote attacker can exploit this vulnerability to cause a denial of service...

libquicktime 1.2.4 - Denial of Service

libquicktime multiple vulnerabilities ================ Author : qflb.wu =============== Introduction: ============= The libquicktime package contains the libquicktime library, various plugins and codecs, along with graphical and command line utilities used for encoding and decoding QuickTime file...

libquicktime Denial of Service Vulnerability (CNVD-2017-11755)

libquicktime is a library for reading and writing files in quicktime, avi and mp4 formats. A security vulnerability exists in the 'quicktimereaddreftable' function in the dref.c file in libquicktime version 1.2.4. A remote attacker can exploit this vulnerability to cause a denial of service heap...

libquicktime Denial of Service Vulnerability (CNVD-2017-11754)

libquicktime is a library for reading and writing files in quicktime, avi and mp4 formats. A security vulnerability exists in the 'quicktimeuseratomsreadatom' function in the useratoms.c file in libquicktime version 1.2.4. A remote attacker can exploit this vulnerability to cause a denial of...

The vulnerability of the Multimedia Toolkit QuickTime, allowing a hacker to execute arbitrary code

The vulnerability of the Multimedia Toolkit QuickTime is caused by buffer overflow. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Buffer overflow

Buffer overflow in QuickTime before 7.7.1 for Windows allows remote attackers to execute arbitrary code...

CVE-2011-3428

Buffer overflow in QuickTime before 7.7.1 for Windows allows remote attackers to execute arbitrary code...

CVE-2011-3428

CVE-2011-3428 concerns a buffer overflow in Apple QuickTime for Windows prior to version 7.7.1 . The vulnerability allows a remote attacker to execute arbitrary code on affected systems via the QuickTime player. The root cause is a buffer overflow in Windows builds of QuickTime, with the impact s...

CVE-2011-3428

Buffer overflow in QuickTime before 7.7.1 for Windows allows remote attackers to execute arbitrary code...

The vulnerability of the Mac OS X operating system allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of the QuickTime component in the Mac OS X operating system arises from an operation that goes beyond the buffer on the stack. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure memory corruption, application termination b...