CVE-2015-8789

Name of the Vulnerable Software and Affected Versions libEBML versions prior to 1.3.3

Description A use-after-free issue exists in the EbmlMaster::Read function, allowing context-dependent attackers to have an unspecified impact. This can be achieved by providing a "deeply nested element with infinite size" followed by another element of an upper level in an EBML document.

Recommendations For versions prior to 1.3.3, update to version 1.3.3 or later to resolve the issue. As a temporary workaround, consider restricting the processing of deeply nested EBML elements to minimize the risk of exploitation.