Matroska : Security Vulnerabilities, CVEs, Published In 2016 (Information Leak)
The KaxInternalBlock::ReadData function in libMatroska before 1.4.4 allows context-dependent attackers to obtain sensitive information from process heap memory via crafted EBML lacing, which triggers an invalid memory access.
Max CVSS
5.3
EPSS Score
0.18%
Published
2016-01-29
Updated
2018-10-30
The EbmlElement::ReadCodedSizeValue function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted length value in an EBML id, which triggers an invalid memory access.
Max CVSS
4.3
EPSS Score
0.21%
Published
2016-01-29
Updated
2016-12-03
The EbmlUnicodeString::UpdateFromUTF8 function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted UTF-8 string, which triggers an invalid memory access.
Max CVSS
4.3
EPSS Score
0.40%
Published
2016-01-29
Updated
2017-01-20
3 vulnerabilities found