Haojun H

**Name of the Vulnerable Software and Affected Versions** libquicktime version 1.2.4 **Description** An allocation failure was found in the `quicktime read info` function in `lqt quicktime.c`, which allows attackers to cause a denial of service via a crafted file. **Recommendations** For libquicktime version 1.2.4, consider avoiding the use of the `quicktime read info` function until a patch is available. As a temporary workaround, restrict the processing of crafted files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** libquicktime version 1.2.4 **Description** An allocation failure was found in the `quicktime read ftyp` function in `ftyp.c`, which allows attackers to cause a denial of service via a crafted file. **Recommendations** For libquicktime version 1.2.4, consider updating to a newer version that addresses this issue, as no specific fix is provided for this version. At the moment, there is no information about a newer version that contains a fix for this vulnerability.