Libming: >> Libming >> 0.4.8 Security Vulnerabilities
The outputSWF_TEXT_RECORD function in util/outputscript.c in libming <= 0.4.8 is vulnerable to a NULL pointer dereference, which may allow attackers to cause a denial of service via a crafted swf file.
CVSS Score
6.5
EPSS Score
0.003
Published
2017-11-18
The readEncUInt30 function in util/read.c in libming 0.4.8 mishandles memory allocation. A crafted input will lead to a remote denial of service (NULL pointer dereference) attack against parser.c.
CVSS Score
6.5
EPSS Score
0.006
Published
2017-06-28
util/outputtxt.c in libming 0.4.8 mishandles memory allocation. A crafted input will lead to a remote denial of service (NULL pointer dereference) attack.
CVSS Score
6.5
EPSS Score
0.006
Published
2017-06-28
The readString function in util/read.c and util/old/read.c in libming 0.4.8 allows remote attackers to cause a denial of service via a large file that is mishandled by listswf, listaction, etc. This occurs because of an integer overflow that leads to a memory allocation error.
CVSS Score
6.5
EPSS Score
0.004
Published
2017-05-31
Page 10