Integer overflow in the quicktimereadpascal function in libquicktime 1.2.4 and earlier allows remote attackers to cause a denial of service or possibly have other unspecified impact via a crafted hdlr MP4 atom.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "2:1.2.4-7+deb8u1build0.16.04.1", "binary_name": "libquicktime-dev" }, { "binary_version": "2:1.2.4-7+deb8u1build0.16.04.1", "binary_name": "libquicktime-doc" }, { "binary_version": "2:1.2.4-7+deb8u1build0.16.04.1", "binary_name": "libquicktime2" }, { "binary_version": "2:1.2.4-7+deb8u1build0.16.04.1", "binary_name": "libquicktime2-dbgsym" }, { "binary_version": "2:1.2.4-7+deb8u1build0.16.04.1", "binary_name": "quicktime-utils" }, { "binary_version": "2:1.2.4-7+deb8u1build0.16.04.1", "binary_name": "quicktime-utils-dbgsym" }, { "binary_version": "2:1.2.4-7+deb8u1build0.16.04.1", "binary_name": "quicktime-x11utils" }, { "binary_version": "2:1.2.4-7+deb8u1build0.16.04.1", "binary_name": "quicktime-x11utils-dbgsym" } ] }