Описание
Integer overflow in the qt_error parse_trak_atom function in demuxers/demux_qt.c in xine-lib 1.1.16.2 and earlier allows remote attackers to execute arbitrary code via a Quicktime movie file with a large count value in an STTS atom, which triggers a heap-based buffer overflow.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.1.1+ubuntu2-7.12 |
| devel | not-affected | 1.1.16.3-0ubuntu1 |
| gutsy | ignored | end of life, was needs-triage |
| hardy | released | 1.1.11.1-1ubuntu3.4 |
| intrepid | released | 1.1.15-0ubuntu3.3 |
| upstream | needs-triage |
Показывать по
EPSS
5 Medium
CVSS2
Связанные уязвимости
Integer overflow in the qt_error parse_trak_atom function in demuxers/demux_qt.c in xine-lib 1.1.16.2 and earlier allows remote attackers to execute arbitrary code via a Quicktime movie file with a large count value in an STTS atom, which triggers a heap-based buffer overflow.
Integer overflow in the qt_error parse_trak_atom function in demuxers/ ...
Integer overflow in the qt_error parse_trak_atom function in demuxers/demux_qt.c in xine-lib 1.1.16.2 and earlier allows remote attackers to execute arbitrary code via a Quicktime movie file with a large count value in an STTS atom, which triggers a heap-based buffer overflow.
EPSS
5 Medium
CVSS2