SUSE CVE-2017-9125

The lqtframeduration function in lqtquicktime.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted mp4 file...

SUSE CVE-2017-9124

The quicktimematch32 function in util.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted mp4 file...

UBUNTU-CVE-2017-9126

The quicktimereaddreftable function in dref.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service heap-based buffer overflow and application crash via a crafted mp4 file...

Multiple Media Player HTTP DataHandler Overflow (Itunes, Quicktime, etc)

No description provided by source. ScaryMovie Exploit Study By: DrIDE October, 2009 There is a widespread failure in the way that .MOV files are handled by the Quicktime Library. I have attempted to compound my findings on this issue. Nearly every .MOV enabled application that I tested fell victi...

Multiple Media Players ((iTunes / QuickTime) - HTTP DataHandler Overflow

ScaryMovie Exploit Study By: DrIDE October, 2009 There is a widespread failure in the way that .MOV files are handled by the Quicktime Library. I have attempted to compound my findings on this issue. Nearly every .MOV enabled application that I tested fell victim to this exploit. This is a local...