Moritz Bunkus

3 exploits Active since Jan 2016
CVE-2015-8789 WRITEUP CRITICAL WRITEUP
libEBML < 1.3.3 - Use-After-Free via Deeply Nested EBML Element
Use-after-free vulnerability in the EbmlMaster::Read function in libEBML before 1.3.3 allows context-dependent attackers to have unspecified impact via a "deeply nested element with infinite size" followed by another element of an upper level in an EBML document.
CVSS 9.6
CVE-2015-8792 WRITEUP MEDIUM WRITEUP
libmatroska < 1.4.4 - Heap Memory Information Disclosure via Crafted EBML Lacing
The KaxInternalBlock::ReadData function in libMatroska before 1.4.4 allows context-dependent attackers to obtain sensitive information from process heap memory via crafted EBML lacing, which triggers an invalid memory access.
CVSS 5.3
CVE-2015-8789 WRITEUP CRITICAL WRITEUP
libEBML < 1.3.3 - Use-After-Free via Deeply Nested EBML Element
Use-after-free vulnerability in the EbmlMaster::Read function in libEBML before 1.3.3 allows context-dependent attackers to have unspecified impact via a "deeply nested element with infinite size" followed by another element of an upper level in an EBML document.
CVSS 9.6