26 matches found
EUVD-2018-17582
Malware in sbrugna...
EUVD-2017-5322
Malware in sbrugna...
EUVD-2015-5717
Malware in sbrugna...
Vulnerability Spotlight: Information disclosure vulnerability in Microsoft Media Foundation
Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Microsoft Media Foundation contains an information disclosure vulnerability that could allow an attacker to eventually remotely execute code on the victim machine. Media Foundation is a COM-based multimedia...
Microsoft Windows Resource Management Error Vulnerability
Microsoft Windows is a set of operating systems used for personal devices.Microsoft Windows Server is a set of server operating systems. A remote code execution vulnerability exists in Microsoft Windows Media Foundation because the program fails to properly analyze specially crafted QuickTime med...
Vulnerability Spotlight: Remote code execution vulnerability in Microsoft Media Foundation
Marcin Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Microsoft Media Foundation’s framework contains a remote code execution vulnerability that exists due to a use-after-free condition. This specific bug lies in Media Foundation's MPEG4 DLL. An attacker could provide a...
LibRaw 'parse_qt()' function integer overflow vulnerability
LibRaw is a C++ library developed by the LibRaw team for processing RAW CRW/CR2, NEF, RAF, DNG and others format images. An integer overflow vulnerability exists in the 'parseqt' function in the internal/dcrawcommon.cpp file in LibRaw versions prior to 0.18.12. A remote attacker can exploit this...
CVE-2018-5815
An integer overflow error within the "parseqt" function internal/dcrawcommon.cpp in LibRaw versions prior to 0.18.12 can be exploited to trigger an infinite loop via a specially crafted Apple QuickTime file...
Integer overflow
An integer overflow error within the "parseqt" function internal/dcrawcommon.cpp in LibRaw versions prior to 0.18.12 can be exploited to trigger an infinite loop via a specially crafted Apple QuickTime file...
CVE-2018-5815
An integer overflow error within the "parseqt" function internal/dcrawcommon.cpp in LibRaw versions prior to 0.18.12 can be exploited to trigger an infinite loop via a specially crafted Apple QuickTime file...
UBUNTU-CVE-2018-5815
An integer overflow error within the "parseqt" function internal/dcrawcommon.cpp in LibRaw versions prior to 0.18.12 can be exploited to trigger an infinite loop via a specially crafted Apple QuickTime file...
CVE-2017-18238
An issue was discovered in Exempi before 2.4.4. The TradQTManager::ParseCachedBoxes function in XMPFiles/source/FormatSupport/QuickTimeSupport.cpp allows remote attackers to cause a denial of service infinite loop via crafted XMP data in a .qt file...
UBUNTU-CVE-2017-18238
An issue was discovered in Exempi before 2.4.4. The TradQTManager::ParseCachedBoxes function in XMPFiles/source/FormatSupport/QuickTimeSupport.cpp allows remote attackers to cause a denial of service infinite loop via crafted XMP data in a .qt file...
CVE-2017-13807
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Audio" component. It allows remote attackers to execute arbitrary code or cause a denial of service memory consumption via a crafted QuickTime file...
CVE-2017-13807
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Audio" component. It allows remote attackers to execute arbitrary code or cause a denial of service memory consumption via a crafted QuickTime file...
CVE-2017-13807
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Audio" component. It allows remote attackers to execute arbitrary code or cause a denial of service memory consumption via a crafted QuickTime file...
CVE-2017-13807
CVE-2017-13807 affects macOS High Sierra before 10.13.1, in the Audio path. A remote attacker could craft a QuickTime file to trigger arbitrary code execution or memory consumption (DoS). Root cause: memory handling issue in Audio when parsing QuickTime content. A patch is available in 10.13.1 Se...
Apple macOS High Sierra Audio code execution vulnerability
Apple macOS High Sierra is a specialized operating system developed by Apple Inc. for Mac computers.Audio is one of the audio components of the system. A security vulnerability exists in the Audio component of Apple macOS High Sierra versions prior to 10.13.1. A remote attacker can exploit this...
UBUNTU-CVE-2016-5108
Buffer overflow in the DecodeAdpcmImaQT function in modules/codec/adpcm.c in VideoLAN VLC media player before 2.2.4 allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted QuickTime IMA file...
CVE-2015-5771
Quartz Composer Framework in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted QuickTime file...