The EbmlUnicodeString::UpdateFromUTF8 function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted UTF-8 string, which triggers an invalid memory access.
Debian Linux Security Advisory 3538-1 - Several vulnerabilities were discovered in libebml, a library for manipulating Extensible Binary Meta Language files.