Vulnerabilities > Matroska
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-11-10 | CVE-2017-12779 | NULL Pointer Dereference vulnerability in Matroska Mkvalidator 0.5.1 The Node_GetData function in corec/corec/node/node.c in mkvalidator 0.5.1 allows remote attackers to cause a denial of service (Null pointer dereference and application crash) via a crafted mkv file. | 4.3 |
| 2016-01-29 | CVE-2015-8792 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The KaxInternalBlock::ReadData function in libMatroska before 1.4.4 allows context-dependent attackers to obtain sensitive information from process heap memory via crafted EBML lacing, which triggers an invalid memory access. | 5.0 |
| 2016-01-29 | CVE-2015-8791 | Information Exposure vulnerability in Matroska Libebml 1.3.2 The EbmlElement::ReadCodedSizeValue function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted length value in an EBML id, which triggers an invalid memory access. | 4.3 |
| 2016-01-29 | CVE-2015-8790 | Information Exposure vulnerability in Matroska Libebml 1.3.2 The EbmlUnicodeString::UpdateFromUTF8 function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted UTF-8 string, which triggers an invalid memory access. | 4.3 |
| 2016-01-29 | CVE-2015-8789 | Unspecified vulnerability in Matroska Libebml 1.3.2 Use-after-free vulnerability in the EbmlMaster::Read function in libEBML before 1.3.3 allows context-dependent attackers to have unspecified impact via a "deeply nested element with infinite size" followed by another element of an upper level in an EBML document. | 9.3 |