It was discovered that insufficient input sanitising in libevt, a library to access the Windows Event Log format, could result in denial of service or the execution of arbitrary code if a malformed EVT file is processed.