Description
libebml before 1.3.6, as used in the MKV module in VideoLAN VLC Media Player binaries before 3.0.3, has a heap-based buffer over-read in EbmlElement::FindNextElement.
References (6)
Core References
Exploit, Issue Tracking, Vendor Advisory x_refsource_misc
https://trac.videolan.org/vlc/ticket/22474
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/109304
Patch x_refsource_misc
https://github.com/Matroska-Org/libebml/commit/05beb69ba60acce09f73ed491bb76f332849c3a0
Various Sources x_refsource_misc
https://github.com/Matroska-Org/libebml/compare/release-1.3.5...release-1.3.6
Vendor Advisory vendor-advisory x_refsource_ubuntu
https://usn.ubuntu.com/4073-1/
Scores
CVSS v3
5.5
EPSS
0.0031
EPSS Percentile
53.9%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Details
CWE
CWE-125
Status
published
Products (1)
videolan/vlc_media_player
< 3.0.3
Published
Jul 16, 2019
Tracked Since
Feb 18, 2026