The EbmlUnicodeString::UpdateFromUTF8 function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted UTF-8 string, which triggers an invalid memory access. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8790