The EbmlUnicodeString::UpdateFromUTF8 function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted UTF-8 string, which triggers an invalid memory access. External references: http://www.scip.ch/en/?vuldb.80728 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8790 Upstream fix: https://github.com/Matroska-Org/libebml/commit/ababb64e0c792ad2a314245233db0833ba12036b
*** Bug 1412629 has been marked as a duplicate of this bug. ***