Описание
An issue was discovered in Exempi before 2.4.4. The TradQT_Manager::ParseCachedBoxes function in XMPFiles/source/FormatSupport/QuickTime_Support.cpp allows remote attackers to cause a denial of service (infinite loop) via crafted XMP data in a .qt file.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | released | 2.4.3-1ubuntu1.1 |
| bionic | not-affected | 2.4.5-2 |
| devel | not-affected | 2.4.5-2 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [2.2.1-1ubuntu1.1]] |
| esm-infra/bionic | not-affected | 2.4.5-2 |
| esm-infra/xenial | released | 2.2.2-2ubuntu0.1 |
| precise/esm | DNE | |
| trusty | released | 2.2.1-1ubuntu1.1 |
| trusty/esm | DNE | trusty was released [2.2.1-1ubuntu1.1] |
| upstream | released | 2.4.4-1 |
Показывать по
EPSS
4.3 Medium
CVSS2
5.5 Medium
CVSS3
Связанные уязвимости
An issue was discovered in Exempi before 2.4.4. The TradQT_Manager::ParseCachedBoxes function in XMPFiles/source/FormatSupport/QuickTime_Support.cpp allows remote attackers to cause a denial of service (infinite loop) via crafted XMP data in a .qt file.
An issue was discovered in Exempi before 2.4.4. The TradQT_Manager::ParseCachedBoxes function in XMPFiles/source/FormatSupport/QuickTime_Support.cpp allows remote attackers to cause a denial of service (infinite loop) via crafted XMP data in a .qt file.
An issue was discovered in Exempi before 2.4.4. The TradQT_Manager::Pa ...
An issue was discovered in Exempi before 2.4.4. The TradQT_Manager::ParseCachedBoxes function in XMPFiles/source/FormatSupport/QuickTime_Support.cpp allows remote attackers to cause a denial of service (infinite loop) via crafted XMP data in a .qt file.
Уязвимость функции TradQT_Manager::ParseCachedBoxes утилиты «exempi», позволяющая нарушителю вызвать отказ в обслуживании
EPSS
4.3 Medium
CVSS2
5.5 Medium
CVSS3