CVE-2015-8791

Name of the Vulnerable Software and Affected Versions libEBML versions prior to 1.3.3

Description The issue allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted length value in an EBML id, which triggers an invalid memory access. This occurs in the EbmlElement::ReadCodedSizeValue function.

Recommendations For versions prior to 1.3.3, update to version 1.3.3 or later to resolve the issue.