Filtered by vendor Matroska
Subscribe
Total
15 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-3405 | 3 Debian, Fedoraproject, Matroska | 3 Debian Linux, Fedora, Libebml | 2022-09-30 | 4.3 MEDIUM | 6.5 MEDIUM |
A flaw was found in libebml before 1.4.2. A heap overflow bug exists in the implementation of EbmlString::ReadData and EbmlUnicodeString::ReadData in libebml. | |||||
CVE-2015-8792 | 2 Matroska, Opensuse | 3 Libmatroska, Leap, Opensuse | 2018-10-30 | 5.0 MEDIUM | 5.3 MEDIUM |
The KaxInternalBlock::ReadData function in libMatroska before 1.4.4 allows context-dependent attackers to obtain sensitive information from process heap memory via crafted EBML lacing, which triggers an invalid memory access. | |||||
CVE-2017-12803 | 1 Matroska | 1 Mkclean | 2017-11-28 | 4.3 MEDIUM | 6.5 MEDIUM |
The Node_ValidatePtr function in corec/corec/node/node.c in mkclean 0.8.9 allows remote attackers to cause a denial of service (assert fault) via a crafted mkv file. | |||||
CVE-2017-12779 | 1 Matroska | 1 Mkvalidator | 2017-11-28 | 4.3 MEDIUM | 6.5 MEDIUM |
The Node_GetData function in corec/corec/node/node.c in mkvalidator 0.5.1 allows remote attackers to cause a denial of service (Null pointer dereference and application crash) via a crafted mkv file. | |||||
CVE-2017-12802 | 1 Matroska | 3 Libebml2, Mkclean, Mkvalidator | 2017-11-27 | 4.3 MEDIUM | 6.5 MEDIUM |
The EBML_IntegerValue function in ebmlnumber.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (assert fault) via a crafted mkv file. | |||||
CVE-2017-12800 | 1 Matroska | 3 Libebml2, Mkclean, Mkvalidator | 2017-11-22 | 4.3 MEDIUM | 6.5 MEDIUM |
The EBML_FindNextElement function in ebmlmain.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (Null pointer dereference and application crash) via a crafted mkv file. | |||||
CVE-2017-12801 | 1 Matroska | 3 Libebml2, Mkclean, Mkvalidator | 2017-11-22 | 4.3 MEDIUM | 6.5 MEDIUM |
The UpdateDataSize function in ebmlmaster.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (assert fault) via a crafted mkv file. | |||||
CVE-2017-12781 | 1 Matroska | 3 Libebml2, Mkclean, Mkvalidator | 2017-11-22 | 4.3 MEDIUM | 6.5 MEDIUM |
The EBML_BufferToID function in ebmlelement.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (Null pointer dereference and application crash) via a crafted mkv file. | |||||
CVE-2017-12780 | 1 Matroska | 3 Libebml2, Mkclean, Mkvalidator | 2017-11-22 | 4.3 MEDIUM | 6.5 MEDIUM |
The ReadData function in ebmlstring.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (invalid free and application crash) via a crafted mkv file. | |||||
CVE-2017-12782 | 1 Matroska | 3 Libebml2, Mkclean, Mkvalidator | 2017-11-22 | 4.3 MEDIUM | 6.5 MEDIUM |
The ReadData function in ebmlmaster.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (assert fault) via a crafted mkv file. | |||||
CVE-2017-12783 | 1 Matroska | 3 Libebml2, Mkclean, Mkvalidator | 2017-11-22 | 4.3 MEDIUM | 6.5 MEDIUM |
The ReadDataFloat function in ebmlnumber.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (assert fault) via a crafted mkv file. | |||||
CVE-2008-1161 | 1 Matroska | 1 Demuxer | 2017-08-07 | 9.3 HIGH | N/A |
Buffer overflow in the Matroska demuxer (demuxers/demux_matroska.c) in xine-lib before 1.1.10.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Matroska file with invalid frame sizes. | |||||
CVE-2015-8790 | 1 Matroska | 1 Libebml | 2017-01-19 | 4.3 MEDIUM | 4.3 MEDIUM |
The EbmlUnicodeString::UpdateFromUTF8 function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted UTF-8 string, which triggers an invalid memory access. | |||||
CVE-2015-8789 | 1 Matroska | 1 Libebml | 2017-01-19 | 9.3 HIGH | 9.6 CRITICAL |
Use-after-free vulnerability in the EbmlMaster::Read function in libEBML before 1.3.3 allows context-dependent attackers to have unspecified impact via a "deeply nested element with infinite size" followed by another element of an upper level in an EBML document. | |||||
CVE-2015-8791 | 1 Matroska | 1 Libebml | 2016-12-02 | 4.3 MEDIUM | 4.3 MEDIUM |
The EbmlElement::ReadCodedSizeValue function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted length value in an EBML id, which triggers an invalid memory access. |