The ReadData function in ebmlstring.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (invalid free and application crash) via a crafted mkv file.
References
Link | Resource |
---|---|
https://github.com/Matroska-Org/foundation-source/issues/24 | Exploit Third Party Advisory |
http://seclists.org/fulldisclosure/2017/Nov/19 | Exploit Mailing List Third Party Advisory |
http://packetstormsecurity.com/files/144902/mkvalidator-0.5.1-Denial-Of-Service.html | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
Information
Published : 2017-11-09 18:29
Updated : 2017-11-22 12:16
NVD link : CVE-2017-12780
Mitre link : CVE-2017-12780
JSON object : View
CWE
CWE-416
Use After Free
Products Affected
matroska
- mkclean
- libebml2
- mkvalidator