Your submission was sent successfully! Close

CVE-2017-9127

Published: 12 June 2017

The quicktime_user_atoms_read_atom function in useratoms.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) via a crafted mp4 file.

Priority

Medium

CVSS 3 base score: 6.5

Status

Package Release Status
libquicktime
Launchpad, Ubuntu, Debian
artful Ignored
(reached end-of-life)
bionic Not vulnerable
(2:1.2.4-11)
cosmic Not vulnerable
(2:1.2.4-11)
disco Not vulnerable
(2:1.2.4-11)
eoan Not vulnerable
(2:1.2.4-11)
focal Not vulnerable
(2:1.2.4-11)
precise Does not exist

trusty Does not exist
(trusty was needed)
upstream
Released (2:1.2.4-11)
xenial
Released (2:1.2.4-7+deb8u1ubuntu0.1)
yakkety Ignored
(reached end-of-life)
zesty Ignored
(reached end-of-life)