CVE-2017-18238 (retired)

Priority
Description
An issue was discovered in Exempi before 2.4.4. The
TradQT_Manager::ParseCachedBoxes function in
XMPFiles/source/FormatSupport/QuickTime_Support.cpp allows remote attackers
to cause a denial of service (infinite loop) via crafted XMP data in a .qt
file.
Assigned-to
mdeslaur
Notes
Package
Upstream:released (2.4.4-1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (2.2.2-2ubuntu0.1)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (2.4.5-2)
Patches:
Upstream:https://cgit.freedesktop.org/exempi/commit/?id=886cd1d2314755adb1f4cdb99c16ff00830f0331
More Information

Updated: 2019-10-09 07:59:44 UTC (commit 33aea848a182c0afcd0a3f927a01a7ecd9a061ee)