149 matches found
CVE-2017-9125
The lqtframeduration function in lqtquicktime.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted mp4 file...
DEBIAN-CVE-2017-9122
The quicktimereadmoov function in moov.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service infinite loop and CPU consumption via a crafted mp4 file...
Null pointer dereference
The quicktimematch32 function in util.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted mp4 file...
CVE-2017-9128
The quicktimevideowidth function in lqtquicktime.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted mp4 file...
CVE-2017-9128
The quicktimevideowidth function in lqtquicktime.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted mp4 file...
CVE-2017-9124
The quicktimematch32 function in util.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted mp4 file...
DEBIAN-CVE-2017-9128
The quicktimevideowidth function in lqtquicktime.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted mp4 file...
DEBIAN-CVE-2017-9126
The quicktimereaddreftable function in dref.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service heap-based buffer overflow and application crash via a crafted mp4 file...
CVE-2017-9125
The lqtframeduration function in lqtquicktime.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted mp4 file...
CVE-2017-9124
The quicktimematch32 function in util.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted mp4 file...
CVE-2017-9127
The quicktimeuseratomsreadatom function in useratoms.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service heap-based buffer overflow and application crash via a crafted mp4 file...
CVE-2017-9128
The quicktimevideowidth function in lqtquicktime.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted mp4 file...
CVE-2017-9124
The quicktimematch32 function in util.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted mp4 file...
CVE-2017-9123
The lqtframeduration function in lqtquicktime.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service invalid memory read and application crash via a crafted mp4 file...
CVE-2017-9122
The quicktimereadmoov function in moov.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service infinite loop and CPU consumption via a crafted mp4 file...
CVE-2017-9127
CVE-2017-9127 affects libquicktime 1.2.4, where the quicktime_user_atoms_read_atom function can be exploited by a crafted MP4 file to cause a heap-based buffer overflow and denial of service. Public advisories from Debian (DLA-1042-1) and openSUSE/SUSE mention fixes in libquicktime 1.2.4–3+deb7u2...
CVE-2017-9126
The quicktimereaddreftable function in dref.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service heap-based buffer overflow and application crash via a crafted mp4 file...
CVE-2017-9126
The quicktimereaddreftable function in dref.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service heap-based buffer overflow and application crash via a crafted mp4 file...
CVE-2017-9122
CVE-2017-9122 affects libquicktime 1.2.4, where quicktime_read_moov in moov.c can be triggered by a crafted MP4 to cause a denial of service (infinite loop/CPU exhaustion). The issue is addressed across multiple advisories (Ubuntu USN-4545-1, Debian DLA-1042-1, openSUSE openSUSE-2017-785, Mageia ...
CVE-2017-9124
CVE-2017-9124 affects libquicktime 1.2.4, where the quicktime_match_32 function in util.c can be triggered by a crafted MP4 file to cause a denial of service via a NULL pointer dereference. In public advisories, multiple distributions have addressed this issue (e.g., Debian DLA-1042-1 fixing 2:1....