DSA-3538-1 libebml -- libebmlID: oval:org.secpod.oval:def:602452 | Date: (C)2016-04-01 (M)2021-06-02 |
Class: PATCH | Family: unix |
Several vulnerabilities were discovered in libebml, a library for manipulating Extensible Binary Meta Language files. CVE-2015-8789 Context-dependent attackers could trigger a use-after-free vulnerability by providing a maliciously crafted EBML document. CVE-2015-8790 Context-dependent attackers could obtain sensitive information from the process" heap memory by using a maliciously crafted UTF-8 string. CVE-2015-8791 Context-dependent attackers could obtain sensitive information from the process" heap memory by using a maliciously crafted length value in an EBML id.
Platform: |
Debian 8.x |
Debian 7.x |