Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2020/09/26 12:0 a.m.37 views

Ubuntu 16.04 LTS : libquicktime vulnerabilities (USN-4545-1)

The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4545-1 advisory. It was discovered that libquicktime incorrectly handled certain malformed MP4 files. If a user were tricked into opening a specially crafted MP4 file, a...

7.1CVSS6.1AI score0.06487EPSS
Exploits3References8
Ubuntu
Ubuntu
added 2020/09/25 8:2 p.m.51 views

USN-4545-1: libquicktime vulnerabilities

It was discovered that libquicktime incorrectly handled certain malformed MP4 files. If a user were tricked into opening a specially crafted MP4 file, a remote attacker could use this issue to cause a denial of service resource exhaustion. CVE-2017-9122 It was discovered that libquicktime...

7.1CVSS6.2AI score0.06487EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2017/07/31 12:0 a.m.38 views

Debian DLA-1042-1 : libquicktime security update

CVE-2017-9122 The quicktimereadmoov function in moov.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service infinite loop and CPU consumption via a crafted mp4 file. CVE-2017-9123 The lqtframeduration function in lqtquicktime.c in libquicktime 1.2.4 allows remote attackers t...

7.1CVSS6.3AI score0.06487EPSS
Exploits3References9
Mageia
Mageia
added 2017/07/25 10:7 p.m.34 views

Updated libquicktime packages fix security vulnerabilities

A DoS in quicktimereadmoov function in moov.c via acrafted mp4 file was fixed CVE-2017-9122. An invalid memory read in lqtframeduration via a crafted mp4 file was fixed CVE-2017-9123. A NULL pointer dereference in quicktimematch32 via a crafted mp4 file was fixed CVE-2017-9124. A DoS in...

7.1CVSS4.3AI score0.06487EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2017/07/05 12:0 a.m.31 views

SUSE SLED12 / SLES12 Security Update : libquicktime (SUSE-SU-2017:1769-1)

This update for libquicktime fixes the following issues : - CVE-2017-9122: A DoS in quicktimereadmoov function in moov.c via acrafted mp4 file was fixed. bsc1044077 - CVE-2017-9123: An invalid memory read in lqtframeduration via a crafted mp4 file was fixed. bsc1044009 - CVE-2017-9124: A NULL...

7.1CVSS6.2AI score0.06487EPSS
Exploits3References22
CVE
CVE
added 2017/06/12 6:0 a.m.70 views

CVE-2017-9128

CVE-2017-9128 affects libquicktime 1.2.4, where the function quicktime_video_width in lqt_quicktime.c can trigger a heap-based buffer over-read , leading to a denial of service when processing crafted MP4 files. Connected advisories (Debian, Ubuntu, SUSE, Mageia) confirm this issue and provide fi...

6.5CVSS6.1AI score0.03828EPSS
Exploits2References2Affected Software1
Rows per page
Query Builder