Vulnerabilities > Matroska > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-11-10 | CVE-2017-12779 | NULL Pointer Dereference vulnerability in Matroska Mkvalidator 0.5.1 The Node_GetData function in corec/corec/node/node.c in mkvalidator 0.5.1 allows remote attackers to cause a denial of service (Null pointer dereference and application crash) via a crafted mkv file. | 4.3 |
| 2016-01-29 | CVE-2015-8792 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The KaxInternalBlock::ReadData function in libMatroska before 1.4.4 allows context-dependent attackers to obtain sensitive information from process heap memory via crafted EBML lacing, which triggers an invalid memory access. | 5.0 |
| 2016-01-29 | CVE-2015-8791 | Information Exposure vulnerability in Matroska Libebml 1.3.2 The EbmlElement::ReadCodedSizeValue function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted length value in an EBML id, which triggers an invalid memory access. | 4.3 |
| 2016-01-29 | CVE-2015-8790 | Information Exposure vulnerability in Matroska Libebml 1.3.2 The EbmlUnicodeString::UpdateFromUTF8 function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted UTF-8 string, which triggers an invalid memory access. | 4.3 |