Use-After-Free Vulnerability in MKVToolNix MKVINFO v25.0.0 Allows Arbitrary Code Execution
CVE-2018-4022 · HIGH Severity
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
A use-after-free vulnerability exists in the way MKVToolNix MKVINFO v25.0.0 handles the MKV (matroska) file format. A specially crafted MKV file can cause arbitrary code execution in the context of the current user.
Learn more about our User Device Pen Test.