CVE-2016-2399

Published: 30/01/2017 | Updated: 04/11/2017
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 685
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

Integer overflow in the quicktime_read_pascal function in libquicktime 1.2.4 and earlier versions allows remote attackers to cause a denial of service or possibly have other unspecified impact via a crafted hdlr MP4 atom.

Vulnerable Product

libquicktime libquicktime

Vendor Advisories

Debian Bug report logs - #855099 libquicktime: CVE-2016-2399 Package: src:libquicktime; Maintainer for src:libquicktime is Debian Multimedia Maintainers <debian-multimedia@lists.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Tue, 14 Feb 2017 04:57:02 UTC Severity: important Tags: security, u ...
Debian Bug report logs - #864664 CVE-2017-9122 CVE-2017-9123 CVE-2017-9124 CVE-2017-9125 CVE-2017-9126 CVE-2017-9127 CVE-2017-9128 Package: src:libquicktime; Maintainer for src:libquicktime is Debian Multimedia Maintainers <debian-multimedia@lists.debian.org>; Reported by: Moritz Muehlenhoff <jmm@debian.org> Date: Mon ...

Exploits

#!/usr/bin/env python # ### # - 7 February 2016 - # My last bug hunting session (*for fun and no-profit*) # has been dedicated to libquicktime ### # # Author: Marco Romano - @nemux_ www.nemux.org # libquicktime 1.2.4 Integer Overflow # # Product Page: libquicktime.sourceforge.net/ # Description: 'hdlr', 'stsd', 'ftab' MP4 Atoms Inte ...
libquicktime version 1.2.4 suffers from an integer overflow vulnerability ...