In libebml before 1.4.5, an integer overflow in MemIOCallback.cpp can occur when reading or writing. It may result in buffer overflows.
Max CVSS
6.5
EPSS Score
0.06%
Published
2024-01-12
Updated
2024-02-05
A flaw was found in libebml before 1.4.2. A heap overflow bug exists in the implementation of EbmlString::ReadData and EbmlUnicodeString::ReadData in libebml.
Max CVSS
6.5
EPSS Score
1.79%
Published
2021-02-23
Updated
2022-09-30
The Node_ValidatePtr function in corec/corec/node/node.c in mkclean 0.8.9 allows remote attackers to cause a denial of service (assert fault) via a crafted mkv file.
Max CVSS
6.5
EPSS Score
0.23%
Published
2017-11-10
Updated
2017-11-28
The EBML_IntegerValue function in ebmlnumber.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (assert fault) via a crafted mkv file.
Max CVSS
6.5
EPSS Score
0.08%
Published
2017-11-10
Updated
2017-11-27
The UpdateDataSize function in ebmlmaster.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (assert fault) via a crafted mkv file.
Max CVSS
6.5
EPSS Score
0.08%
Published
2017-11-10
Updated
2017-11-22
The EBML_FindNextElement function in ebmlmain.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (Null pointer dereference and application crash) via a crafted mkv file.
Max CVSS
6.5
EPSS Score
0.08%
Published
2017-11-10
Updated
2017-11-22
The ReadDataFloat function in ebmlnumber.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (assert fault) via a crafted mkv file.
Max CVSS
6.5
EPSS Score
0.08%
Published
2017-11-10
Updated
2017-11-22
The ReadData function in ebmlmaster.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (assert fault) via a crafted mkv file.
Max CVSS
6.5
EPSS Score
0.08%
Published
2017-11-10
Updated
2017-11-22
The EBML_BufferToID function in ebmlelement.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (Null pointer dereference and application crash) via a crafted mkv file.
Max CVSS
6.5
EPSS Score
0.08%
Published
2017-11-10
Updated
2017-11-22
The ReadData function in ebmlstring.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (invalid free and application crash) via a crafted mkv file.
Max CVSS
6.5
EPSS Score
0.08%
Published
2017-11-10
Updated
2017-11-22
The Node_GetData function in corec/corec/node/node.c in mkvalidator 0.5.1 allows remote attackers to cause a denial of service (Null pointer dereference and application crash) via a crafted mkv file.
Max CVSS
6.5
EPSS Score
0.21%
Published
2017-11-10
Updated
2017-11-28
The KaxInternalBlock::ReadData function in libMatroska before 1.4.4 allows context-dependent attackers to obtain sensitive information from process heap memory via crafted EBML lacing, which triggers an invalid memory access.
Max CVSS
5.3
EPSS Score
0.18%
Published
2016-01-29
Updated
2018-10-30
The EbmlElement::ReadCodedSizeValue function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted length value in an EBML id, which triggers an invalid memory access.
Max CVSS
4.3
EPSS Score
0.21%
Published
2016-01-29
Updated
2016-12-03
The EbmlUnicodeString::UpdateFromUTF8 function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted UTF-8 string, which triggers an invalid memory access.
Max CVSS
4.3
EPSS Score
0.40%
Published
2016-01-29
Updated
2017-01-20
Use-after-free vulnerability in the EbmlMaster::Read function in libEBML before 1.3.3 allows context-dependent attackers to have unspecified impact via a "deeply nested element with infinite size" followed by another element of an upper level in an EBML document.
Max CVSS
9.6
EPSS Score
0.83%
Published
2016-01-29
Updated
2017-01-20
Buffer overflow in the Matroska demuxer (demuxers/demux_matroska.c) in xine-lib before 1.1.10.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Matroska file with invalid frame sizes.
Max CVSS
9.3
EPSS Score
4.73%
Published
2008-03-10
Updated
2017-08-08
16 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!