Friday, October 26, 2018

Vulnerability Spotlight: Talos-2018-0694 – MKVToolNix mkvinfo read_one_element Code Execution Vulnerability


Threat Research

Vulnerability Spotlight: Talos-2018-0694 – MKVToolNix mkvinfo read_one_element Code Execution Vulnerability

Piotr Bania, Cory Duplantis and Martin Zeiser of Cisco Talos discovered this vulnerability.

Today, Cisco Talos is disclosing a vulnerability that we identified in the MKVToolNix mkvinfo utility that parses the Matroska file format video files (.mkv files).

MKVToolNix is a set of tools to create, alter and inspect Matroska files on Linux, Windows and other operating systems.

Matroska is a file format for storing common multimedia content, like movies or TV shows, with implementations consisting of mostly of open-source software. Matroska file extensions are MKV for video, MK3D for stereoscopic video, MKA for audio-only files and MKS for subtitle-only files.

Read More >>

Tags:



from Cisco Blog » Security https://ift.tt/2CGtcah

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.