HIGH
Libquicktime
CVE published 2017-01-30
CVE-2016-2399
CVE-2016-2399 is a libquicktime parsing flaw in which an integer overflow in quicktime_read_pascal can be triggered by a crafted hdlr MP4 atom. NVD classifies the issue as CWE-190 and lists affected libquicktime versions up to 1.2.4. The described impact includes denial of service and possibly other unspecified impact, so any system that processes untrusted MP4 content with libquicktime should treat this [truncated]