Use-After-Free
Vulnerability Spotlight: Talos-2018-0694 – MKVToolNix mkvinfo read_one_element Code Execution Vulnerability
Piotr Bania, Cory Duplantis and Martin Zeiser of Cisco Talos discovered this vulnerability. Today, Cisco Talos is disclosing a vulnerability that we identified in the MKVToolNix mkvinfo utility that parses the Matroska file format video files (.mkv files). MKVToolNix is a set of tools to create, alt…
Research Spotlight: FreeSentry Mitigating use-after-free Vulnerabilities
This post was authored by Earl Carter & Yves Younan. Talos is constantly researching the ways in which threat actors take advantage of security weaknesses to exploit systems. Use-after-free vulnerabilities have become an important class of security problems due to the existence of mitigations th…