Vulnerability Details CVE-2017-11733
A null pointer dereference vulnerability was found in the function stackswap (called from decompileSTACKSWAP) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 54.3%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 4.3
References
- http://somevulnsofadlab.blogspot.jp/2017/07/libmingnull-pointer-dereference-in.html
- https://github.com/libming/libming/issues/78
- https://lists.debian.org/debian-lts-announce/2017/11/msg00022.html
- https://security.gentoo.org/glsa/201904-24
- http://somevulnsofadlab.blogspot.jp/2017/07/libmingnull-pointer-dereference-in.html
- https://github.com/libming/libming/issues/78
- https://lists.debian.org/debian-lts-announce/2017/11/msg00022.html
- https://security.gentoo.org/glsa/201904-24
Products affected by CVE-2017-11733
-
cpe:2.3:a:libming:ming:0.4.8
-
cpe:2.3:o:debian:debian_linux:7.0