Libming
by Libming
Source repositories
CVEs (120)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-8963 | Med | 0.42 | 6.5 | 0.02 | Mar 23, 2018 | In libming 0.4.8, the decompileGETVARIABLE function of decompile.c has a use-after-free. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file. | ||
| CVE-2018-8962 | Med | 0.42 | 6.5 | 0.02 | Mar 23, 2018 | In libming 0.4.8, the decompileSingleArgBuiltInFunctionCall function of decompile.c has a use-after-free. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file. | ||
| CVE-2018-8961 | Med | 0.42 | 6.5 | 0.02 | Mar 23, 2018 | In libming 0.4.8, the decompilePUSHPARAM function of decompile.c has a use-after-free. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file. | ||
| CVE-2018-8807 | Med | 0.42 | 6.5 | 0.02 | Mar 20, 2018 | In libming 0.4.8, these is a use-after-free in the function decompileCALLFUNCTION of decompile.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file. | ||
| CVE-2018-8806 | Med | 0.42 | 6.5 | 0.02 | Mar 20, 2018 | In libming 0.4.8, there is a use-after-free in the decompileArithmeticOp function of decompile.c. Remote attackers could use this vulnerability to cause a denial-of-service via a crafted swf file. | ||
| CVE-2018-7877 | Med | 0.42 | 6.5 | 0.01 | Mar 8, 2018 | There is a heap-based buffer overflow in the getString function of util/decompile.c in libming 0.4.8 for DOUBLE data. A Crafted input will lead to a denial of service attack. | ||
| CVE-2018-7876 | Med | 0.42 | 6.5 | 0.02 | Mar 8, 2018 | In libming 0.4.8, a memory exhaustion vulnerability was found in the function parseSWF_ACTIONRECORD in util/parser.c, which allows remote attackers to cause a denial of service via a crafted file. | ||
| CVE-2018-7875 | Med | 0.42 | 6.5 | 0.02 | Mar 8, 2018 | There is a heap-based buffer over-read in the getString function of util/decompile.c in libming 0.4.8 for CONSTANT8 data. A Crafted input will lead to a denial of service attack. | ||
| CVE-2018-7874 | Med | 0.42 | 6.5 | 0.01 | Mar 8, 2018 | An invalid memory address dereference was discovered in strlenext in util/decompile.c in libming 0.4.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service. | ||
| CVE-2018-7873 | Med | 0.42 | 6.5 | 0.02 | Mar 8, 2018 | There is a heap-based buffer overflow in the getString function of util/decompile.c in libming 0.4.8 for INTEGER data. A Crafted input will lead to a denial of service attack. | ||
| CVE-2018-7872 | Med | 0.42 | 6.5 | 0.02 | Mar 8, 2018 | An invalid memory address dereference was discovered in the function getName in libming 0.4.8 for CONSTANT16 data. The vulnerability causes a segmentation fault and application crash, which leads to denial of service. | ||
| CVE-2018-7870 | Med | 0.42 | 6.5 | 0.02 | Mar 8, 2018 | An invalid memory address dereference was discovered in getString in util/decompile.c in libming 0.4.8 for CONSTANT16 data. The vulnerability causes a segmentation fault and application crash, which leads to denial of service. | ||
| CVE-2018-7868 | Med | 0.42 | 6.5 | 0.02 | Mar 8, 2018 | There is a heap-based buffer over-read in the getName function of util/decompile.c in libming 0.4.8 for CONSTANT8 data. A Crafted input will lead to a denial of service attack. | ||
| CVE-2018-7867 | Med | 0.42 | 6.5 | 0.02 | Mar 8, 2018 | There is a heap-based buffer overflow in the getString function of util/decompile.c in libming 0.4.8 during a RegisterNumber sprintf. A Crafted input will lead to a denial of service attack. | ||
| CVE-2018-7866 | Med | 0.42 | 6.5 | 0.02 | Mar 8, 2018 | A NULL pointer dereference was discovered in newVar3 in util/decompile.c in libming 0.4.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service. | ||
| CVE-2018-5294 | Med | 0.42 | 6.5 | 0.02 | Jan 8, 2018 | In libming 0.4.8, there is an integer overflow (caused by an out-of-range left shift) in the readUInt32 function (util/read.c). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted swf file. | ||
| CVE-2018-5251 | Med | 0.42 | 6.5 | 0.02 | Jan 5, 2018 | In libming 0.4.8, there is an integer signedness error vulnerability (left shift of a negative value) in the readSBits function (util/read.c). Remote attackers can leverage this vulnerability to cause a denial of service via a crafted swf file. | ||
| CVE-2017-16883 | Med | 0.42 | 6.5 | 0.01 | Nov 18, 2017 | The outputSWF_TEXT_RECORD function in util/outputscript.c in libming <= 0.4.8 is vulnerable to a NULL pointer dereference, which may allow attackers to cause a denial of service via a crafted swf file. | ||
| CVE-2017-11705 | Med | 0.42 | 6.5 | 0.01 | Jul 28, 2017 | A memory leak was found in the function parseSWF_SHAPEWITHSTYLE in util/parser.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file. | ||
| CVE-2017-11704 | Med | 0.42 | 6.5 | 0.01 | Jul 28, 2017 | A heap-based buffer over-read was found in the function decompileIF in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file. |
- risk 0.42cvss 6.5epss 0.02
In libming 0.4.8, the decompileGETVARIABLE function of decompile.c has a use-after-free. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file.
- risk 0.42cvss 6.5epss 0.02
In libming 0.4.8, the decompileSingleArgBuiltInFunctionCall function of decompile.c has a use-after-free. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file.
- risk 0.42cvss 6.5epss 0.02
In libming 0.4.8, the decompilePUSHPARAM function of decompile.c has a use-after-free. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file.
- risk 0.42cvss 6.5epss 0.02
In libming 0.4.8, these is a use-after-free in the function decompileCALLFUNCTION of decompile.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file.
- risk 0.42cvss 6.5epss 0.02
In libming 0.4.8, there is a use-after-free in the decompileArithmeticOp function of decompile.c. Remote attackers could use this vulnerability to cause a denial-of-service via a crafted swf file.
- risk 0.42cvss 6.5epss 0.01
There is a heap-based buffer overflow in the getString function of util/decompile.c in libming 0.4.8 for DOUBLE data. A Crafted input will lead to a denial of service attack.
- risk 0.42cvss 6.5epss 0.02
In libming 0.4.8, a memory exhaustion vulnerability was found in the function parseSWF_ACTIONRECORD in util/parser.c, which allows remote attackers to cause a denial of service via a crafted file.
- risk 0.42cvss 6.5epss 0.02
There is a heap-based buffer over-read in the getString function of util/decompile.c in libming 0.4.8 for CONSTANT8 data. A Crafted input will lead to a denial of service attack.
- risk 0.42cvss 6.5epss 0.01
An invalid memory address dereference was discovered in strlenext in util/decompile.c in libming 0.4.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
- risk 0.42cvss 6.5epss 0.02
There is a heap-based buffer overflow in the getString function of util/decompile.c in libming 0.4.8 for INTEGER data. A Crafted input will lead to a denial of service attack.
- risk 0.42cvss 6.5epss 0.02
An invalid memory address dereference was discovered in the function getName in libming 0.4.8 for CONSTANT16 data. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
- risk 0.42cvss 6.5epss 0.02
An invalid memory address dereference was discovered in getString in util/decompile.c in libming 0.4.8 for CONSTANT16 data. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
- risk 0.42cvss 6.5epss 0.02
There is a heap-based buffer over-read in the getName function of util/decompile.c in libming 0.4.8 for CONSTANT8 data. A Crafted input will lead to a denial of service attack.
- risk 0.42cvss 6.5epss 0.02
There is a heap-based buffer overflow in the getString function of util/decompile.c in libming 0.4.8 during a RegisterNumber sprintf. A Crafted input will lead to a denial of service attack.
- risk 0.42cvss 6.5epss 0.02
A NULL pointer dereference was discovered in newVar3 in util/decompile.c in libming 0.4.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
- risk 0.42cvss 6.5epss 0.02
In libming 0.4.8, there is an integer overflow (caused by an out-of-range left shift) in the readUInt32 function (util/read.c). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted swf file.
- risk 0.42cvss 6.5epss 0.02
In libming 0.4.8, there is an integer signedness error vulnerability (left shift of a negative value) in the readSBits function (util/read.c). Remote attackers can leverage this vulnerability to cause a denial of service via a crafted swf file.
- risk 0.42cvss 6.5epss 0.01
The outputSWF_TEXT_RECORD function in util/outputscript.c in libming <= 0.4.8 is vulnerable to a NULL pointer dereference, which may allow attackers to cause a denial of service via a crafted swf file.
- risk 0.42cvss 6.5epss 0.01
A memory leak was found in the function parseSWF_SHAPEWITHSTYLE in util/parser.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.
- risk 0.42cvss 6.5epss 0.01
A heap-based buffer over-read was found in the function decompileIF in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.
Page 2 of 6