CVE-2017-8368

Name of the Vulnerable Software and Affected Versions Sublime Text version 3 Build 3126

Description The issue allows user-assisted attackers to cause a denial of service or possibly have unspecified other impact via a crafted .mkv file. A potential threat model involves a victim obtaining an untrusted crafted file from a remote location and issuing several user-defined commands.

Recommendations For Sublime Text version 3 Build 3126, as a temporary workaround, consider avoiding the use of crafted .mkv files and limiting the execution of user-defined commands until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.