12 matches found
Ubuntu 16.04 LTS : libquicktime vulnerabilities (USN-4545-1)
The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4545-1 advisory. It was discovered that libquicktime incorrectly handled certain malformed MP4 files. If a user were tricked into opening a specially crafted MP4 file, a...
USN-4545-1: libquicktime vulnerabilities
It was discovered that libquicktime incorrectly handled certain malformed MP4 files. If a user were tricked into opening a specially crafted MP4 file, a remote attacker could use this issue to cause a denial of service resource exhaustion. CVE-2017-9122 It was discovered that libquicktime...
Debian DLA-1042-1 : libquicktime security update
CVE-2017-9122 The quicktimereadmoov function in moov.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service infinite loop and CPU consumption via a crafted mp4 file. CVE-2017-9123 The lqtframeduration function in lqtquicktime.c in libquicktime 1.2.4 allows remote attackers t...
[SECURITY] [DLA 1042-1] libquicktime security update
Package : libquicktime Version : 2:1.2.4-3+deb7u2 CVE ID : CVE-2017-9122 CVE-2017-9123 CVE-2017-9124 CVE-2017-9125 CVE-2017-9126 CVE-2017-9127 CVE-2017-9128 Debian Bug : 864664 CVE-2017-9122 The quicktimereadmoov function in moov.c in libquicktime 1.2.4 allows remote attackers to cause a denial o...
Updated libquicktime packages fix security vulnerabilities
A DoS in quicktimereadmoov function in moov.c via acrafted mp4 file was fixed CVE-2017-9122. An invalid memory read in lqtframeduration via a crafted mp4 file was fixed CVE-2017-9123. A NULL pointer dereference in quicktimematch32 via a crafted mp4 file was fixed CVE-2017-9124. A DoS in...
openSUSE Security Update : libquicktime (openSUSE-2017-785)
This update for libquicktime fixes the following issues : - CVE-2017-9122: A DoS in quicktimereadmoov function in moov.c via acrafted mp4 file was fixed. boo1044077 - CVE-2017-9123: An invalid memory read in lqtframeduration via a crafted mp4 file was fixed. boo1044009 - CVE-2017-9124: A NULL...
SUSE SLED12 / SLES12 Security Update : libquicktime (SUSE-SU-2017:1769-1)
This update for libquicktime fixes the following issues : - CVE-2017-9122: A DoS in quicktimereadmoov function in moov.c via acrafted mp4 file was fixed. bsc1044077 - CVE-2017-9123: An invalid memory read in lqtframeduration via a crafted mp4 file was fixed. bsc1044009 - CVE-2017-9124: A NULL...
CVE-2017-9122
The quicktimereadmoov function in moov.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service infinite loop and CPU consumption via a crafted mp4 file...
CVE-2017-9122
The quicktimereadmoov function in moov.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service infinite loop and CPU consumption via a crafted mp4 file...
CVE-2017-9122
CVE-2017-9122 affects libquicktime 1.2.4, where quicktime_read_moov in moov.c can be triggered by a crafted MP4 to cause a denial of service (infinite loop/CPU exhaustion). The issue is addressed across multiple advisories (Ubuntu USN-4545-1, Debian DLA-1042-1, openSUSE openSUSE-2017-785, Mageia ...
libquicktime 1.2.4 - Denial of Service Vulnerability
Exploit for linux platform in category dos / poc libquicktime multiple vulnerabilities ================ Author : qflb.wu =============== Introduction: ============= The libquicktime package contains the libquicktime library, various plugins and codecs, along with graphical and command line...
libquicktime 1.2.4 - Denial of Service
libquicktime 1.2.4 - Denial of Service libquicktime multiple vulnerabilities ================ Author : qflb.wu =============== Introduction: ============= The libquicktime package contains the libquicktime library, various plugins and codecs, along with graphical and command line utilities used f...