Lucene search
K

147 matches found

CVE
CVE
added 2016/01/29 7:0 p.m.69 views

CVE-2015-8790

CVE-2015-8790 affects libebml (EBML library). Affected: libebml versions prior to 1.3.3. Root cause: context-dependent attackers could obtain sensitive information from process heap memory by using a crafted UTF-8 string, leading to information exposure. Related issues: CVE-2015-8789 (use-after-f...

4.3CVSS4.3AI score0.01848EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2016/01/29 7:0 p.m.79 views

CVE-2015-8789

The CVE-2015-8789 issue affects libebml (EbmlMaster::Read) prior to 1.3.3. A use-after-free condition occurs when parsing a deeply nested EBML element with infinite size, which can lead to remote code execution if a malicious document is provided. Public advisories (Debian DSA-3538-1) describe th...

9.6CVSS9.2AI score0.02126EPSS
Exploits0References7Affected Software1
Talos
Talos
added 2016/01/28 12:0 a.m.38 views

Matroska libebml EbmlUnicodeString Heap Information Leak

Talos Vulnerability Report TALOS-2016-0036 Matroska libebml EbmlUnicodeString Heap Information Leak January 28, 2016 CVE Number CVE-2015-8790 Description A specially crafted unicode string can cause an off-by-few read on the heap in unicode string parsing code in libebml. This issue can potential...

4.3CVSS4.8AI score0.01848EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/01/25 12:0 a.m.18 views

openSUSE Security Update : libebml / libmatroska (openSUSE-2016-37)

This update for libebml, libmatroska fixes the following security issues : Vulnerabilities fixed in libebml : - Cisco TALOS-CAN-0036: Invalid memory access when reading from a UTF-8 string resulted in a heap information leak bsc961031. - Cisco TALOS-CAN-0037: Deeply nested elements with infinite...

5.5AI score
Exploits0References1
Mageia
Mageia
added 2015/11/05 10:46 p.m.18 views

Updated libebml packages fix security vulnerability

In EbmlMaster::Read in libebml before 1.3.3, when the parser encountered a deeply nested element with an infinite size then a following element of an upper level was not propagated correctly. Instead the element with the infinite size was added into the EBML element tree a second time resulting i...

2.1AI score
Exploits0References4
OSV
OSV
added 2015/11/05 10:46 p.m.4 views

MGASA-2015-0430 Updated libebml packages fix security vulnerability

In EbmlMaster::Read in libebml before 1.3.3, when the parser encountered a deeply nested element with an infinite size then a following element of an upper level was not propagated correctly. Instead the element with the infinite size was added into the EBML element tree a second time resulting i...

7.1AI score
Exploits0References5
FreeBSD
FreeBSD
added 2015/10/20 12:0 a.m.26 views

libebml -- multiple vulnerabilities

Mortiz Bunkus reports: Multiple invalid memory accesses vulnerabilities...

9.6CVSS6.1AI score0.02126EPSS
Exploits0References1
Rows per page
Query Builder