CVE-2018-4022
7.3
CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Summary
A use-after-free vulnerability exists in the way MKVToolNix MKVINFO v25.0.0 handles the MKV (matroska) file format. A specially crafted MKV file can cause arbitrary code execution in the context of the current user.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | MKVToolNix | MKVToolNix mkvinfo v25.0.0 ('Prog Noir') 64-bit | affected |
Weaknesses
- use-after-free
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.