CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2016-2399

Integer overflow in the quicktime_read_pascal function in libquicktime 1.2.4 and earlier allows remote attackers to cause a denial of service or possibly have other unspecified impact via a crafted hdlr MP4 atom.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.009

EPSS Ranking 74.6%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 6.8

References

http://www.debian.org/security/2017/dsa-3800
http://www.nemux.org/2016/02/23/libquicktime-1-2-4/
http://www.securityfocus.com/bid/95880
https://packetstormsecurity.com/files/135899/libquicktime-1.2.4-Integer-Overflow.html
https://www.exploit-db.com/exploits/39487/
http://www.debian.org/security/2017/dsa-3800
http://www.nemux.org/2016/02/23/libquicktime-1-2-4/
http://www.securityfocus.com/bid/95880
https://packetstormsecurity.com/files/135899/libquicktime-1.2.4-Integer-Overflow.html
https://www.exploit-db.com/exploits/39487/

Products affected by CVE-2016-2399

Libquicktime » Libquicktime » Version: 1.2.4

cpe:2.3:a:libquicktime:libquicktime:1.2.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-2399

Products

Pricing

Contact Us