Vigil@nce - libebml: three vulnerabilities
May 2016 by Vigil@nce
SYNTHESIS OF THE VULNERABILITY
An attacker can use several vulnerabilities of libebml.
Impacted products: Debian.
Severity: 2/4.
Creation date: 31/03/2016.
DESCRIPTION OF THE VULNERABILITY
Several vulnerabilities were announced in libebml.
An attacker can force the usage of a freed memory area, in order
to trigger a denial of service, and possibly to run code.
[severity:2/4; CVE-2015-8789]
An attacker can bypass security features, in order to obtain
sensitive information. [severity:2/4; CVE-2015-8790]
An attacker can bypass security features, in order to obtain
sensitive information. [severity:2/4; CVE-2015-8791]
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
https://vigilance.fr/vulnerability/libebml-three-vulnerabilities-19275