~ubuntu-security/ubuntu-cve-tracker/master

« back to all changes in this revision

Viewing changes to active/CVE-2017-9122

  • Committer: Steve Beattie
  • Date: 2019-02-19 06:18:27 UTC
  • Revision ID: sbeattie@ubuntu.com-20190219061827-oh57fzcfc1u9dlfk
The ubuntu-cve-tracker project has been converted to git.

Please use 'git clone https://git.launchpad.net/ubuntu-cve-tracker' to
get the converted tree.

Show diffs side-by-side

added added

removed removed

Lines of Context:
1
 
Candidate: CVE-2017-9122
2
 
PublicDate: 2017-06-12
3
 
References:
4
 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9122
5
 
 https://www.exploit-db.com/exploits/42148/
6
 
Description:
7
 
 The quicktime_read_moov function in moov.c in libquicktime 1.2.4 allows
8
 
 remote attackers to cause a denial of service (infinite loop and CPU
9
 
 consumption) via a crafted mp4 file.
10
 
Ubuntu-Description:
11
 
Notes:
12
 
Bugs:
13
 
Priority: medium
14
 
Discovered-by:
15
 
Assigned-to:
16
 
 
17
 
Patches_libquicktime:
18
 
upstream_libquicktime: needs-triage
19
 
precise/esm_libquicktime: DNE
20
 
trusty_libquicktime: needed
21
 
vivid/stable-phone-overlay_libquicktime: DNE
22
 
vivid/ubuntu-core_libquicktime: DNE
23
 
xenial_libquicktime: needed
24
 
yakkety_libquicktime: ignored (reached end-of-life)
25
 
zesty_libquicktime: ignored (reached end-of-life)
26
 
artful_libquicktime: needed
27
 
bionic_libquicktime: needed
28
 
devel_libquicktime: needed