Shodan
Vulnerabilities
Vulnerable Software
Libming:  Security Vulnerabilities
CVE-2017-11705
A memory leak was found in the function parseSWF_SHAPEWITHSTYLE in util/parser.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.
CVSS Score
6.5
EPSS Score
0.003
Published
2017-07-28
CVE-2017-9988
The readEncUInt30 function in util/read.c in libming 0.4.8 mishandles memory allocation. A crafted input will lead to a remote denial of service (NULL pointer dereference) attack against parser.c.
CVSS Score
6.5
EPSS Score
0.006
Published
2017-06-28
CVE-2017-9989
util/outputtxt.c in libming 0.4.8 mishandles memory allocation. A crafted input will lead to a remote denial of service (NULL pointer dereference) attack.
CVSS Score
6.5
EPSS Score
0.006
Published
2017-06-28
CVE-2017-8782
The readString function in util/read.c and util/old/read.c in libming 0.4.8 allows remote attackers to cause a denial of service via a large file that is mishandled by listswf, listaction, etc. This occurs because of an integer overflow that leads to a memory allocation error.
CVSS Score
6.5
EPSS Score
0.004
Published
2017-05-31
CVE-2017-7578
Multiple heap-based buffer overflows in parser.c in libming 0.4.7 allow remote attackers to cause a denial of service (listswf application crash) or possibly have unspecified other impact via a crafted SWF file. NOTE: this issue exists because of an incomplete fix for CVE-2016-9831.
CVSS Score
7.8
EPSS Score
0.003
Published
2017-04-07
CVE-2016-9264
Buffer overflow in the printMP3Headers function in listmp3.c in Libming 0.4.7 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mp3 file.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-03-23
CVE-2016-9265
The printMP3Headers function in listmp3.c in Libming 0.4.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted mp3 file.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-03-23
CVE-2016-9266
listmp3.c in libming 0.4.7 allows remote attackers to unspecified impact via a crafted mp3 file, which triggers an invalid left shift.
CVSS Score
6.5
EPSS Score
0.007
Published
2017-03-23
CVE-2016-9827
The _iprintf function in outputtxt.c in the listswf tool in libming 0.4.7 allows remote attackers to cause a denial of service (buffer over-read) via a crafted SWF file.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-02-17
CVE-2016-9828
The dumpBuffer function in read.c in the listswf tool in libming 0.4.7 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SWF file.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-02-17


Products
Pricing
Contact Us

Shodan ® - All rights reserved