7 matches found
CVE-2017-12800
The CVE-2017-12800 issue affects libebml2’s EBML_FindNextElement function (ebmlmain.c) in versions up to 2012-08-26. A crafted MKV file can trigger a null pointer dereference, leading to a denial of service (application crash) when parsing MKV streams. The available sources specify the vulnerable...
CVE-2017-12801
The CVE-2017-12801 issue affects libebml2 (UpdateDataSize in ebmlmaster.c) and is triggered by processing crafted MKV files. The vulnerability allows remote attackers to cause a denial-of-service, producing an assertion fault. Technical details from connected records show the flaw exists in libeb...
CVE-2017-12802
CVE-2017-12802 concerns the EBML_IntegerValue function in libebml2’s ebmlnumber.c. The vulnerability affects versions up to 2012-08-26 and allows remote attackers to cause a denial of service (assert fault) via a specially crafted MKV file. No exploit/vector details are provided in the connected ...
CVE-2017-12781
CVE-2017-12781 concerns the libebml2 parser. The vulnerability resides in the EBML_BufferToID function in ebmlelement.c, affecting libebml2 up to and including versions released before 2012-08-26. A crafted MKV file can trigger a denial of service via a NULL pointer dereference, potentially crash...
CVE-2017-12783
CVE-2017-12783 affects libebml2 (ReadDataFloat in ebmlnumber.c) up to version 2012-08-26. A crafted MKV file can trigger a denial-of-service (assert fault) remotely. The connected records confirm the vulnerable component and impact; no remediation details are provided in the supplied documents.
CVE-2017-12782
The CVE-2017-12782 entry concerns the ReadData function in ebmlmaster.c within libebml2 up to 2012-08-26, where a crafted MKV file can trigger a remote denial of service (assert fault). The connected documents confirm the vulnerable component and file, and describe the impact as a denial of servi...
CVE-2017-12780
CVE-2017-12780 affects the ReadData function in ebmlstring.c of Libebml2 (up to 2012-08-26). A crafted MKV file can trigger an invalid free and crash the application, resulting in a denial of service. Connected sources corroborate this issue across multiple databases and mirror the same descripti...