CVE-2015-8790

2016-01-29T00:00:00
ID UB:CVE-2015-8790
Type ubuntucve
Reporter ubuntu.com
Modified 2016-01-29T00:00:00

Description

The EbmlUnicodeString::UpdateFromUTF8 function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted UTF-8 string, which triggers an invalid memory access.

Notes

Author| Note
---|---
sbeattie | mkvtoolnix contains an embedded copy of libebml, but it looks like it uses the system version of it