← back
CVE-2016-2399

CVE-2016-2399

EPSS 7.2%
Integer overflow in the quicktime_read_pascal function in libquicktime 1.2.4 and earlier allows remote attackers to cause a denial of service or possibly have other unspecified impact via a crafted hdlr MP4 atom.
Affected products
n/a · n/a
public PoCs found3
cve_referencepacketstormsecurity.com/files/135899/libquicktime-1.2.4-Integer-Overflow.htmlunverifiedcve_referencewww.exploit-db.com/exploits/39487/unverifiedexploitdbwww.exploit-db.com/exploits/39487unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://packetstormsecurity.com/files/135899/libquicktime-1.2.4-Integer-Overflow.htmlhttps://www.exploit-db.com/exploits/39487/http://www.debian.org/security/2017/dsa-3800http://www.nemux.org/2016/02/23/libquicktime-1-2-4/http://www.securityfocus.com/bid/95880