Ming
by Libming
Source repositories
CVEs (14)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-11705 | Med | 0.42 | 6.5 | 0.01 | Jul 28, 2017 | A memory leak was found in the function parseSWF_SHAPEWITHSTYLE in util/parser.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file. | ||
| CVE-2017-11704 | Med | 0.42 | 6.5 | 0.01 | Jul 28, 2017 | A heap-based buffer over-read was found in the function decompileIF in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file. | ||
| CVE-2017-11703 | Med | 0.42 | 6.5 | 0.01 | Jul 28, 2017 | A memory leak vulnerability was found in the function parseSWF_DOACTION in util/parser.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file. | ||
| CVE-2017-11734 | Med | 0.36 | 5.5 | 0.01 | Jul 29, 2017 | A heap-based buffer over-read was found in the function decompileCALLFUNCTION in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file. | ||
| CVE-2017-11733 | Med | 0.36 | 5.5 | 0.01 | Jul 29, 2017 | A null pointer dereference vulnerability was found in the function stackswap (called from decompileSTACKSWAP) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file. | ||
| CVE-2017-11732 | Med | 0.36 | 5.5 | 0.01 | Jul 29, 2017 | A heap-based buffer overflow vulnerability was found in the function dcputs (called from decompileIMPLEMENTS) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file. | ||
| CVE-2017-11731 | Med | 0.36 | 5.5 | 0.01 | Jul 29, 2017 | An invalid memory read vulnerability was found in the function OpCode (called from isLogicalOp and decompileIF) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file. | ||
| CVE-2017-11730 | Med | 0.36 | 5.5 | 0.01 | Jul 29, 2017 | A heap-based buffer over-read was found in the function OpCode (called from decompileINCR_DECR line 1474) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file. | ||
| CVE-2017-11729 | Med | 0.36 | 5.5 | 0.01 | Jul 29, 2017 | A heap-based buffer over-read was found in the function OpCode (called from decompileINCR_DECR line 1440) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file. | ||
| CVE-2017-11728 | Med | 0.36 | 5.5 | 0.01 | Jul 29, 2017 | A heap-based buffer over-read was found in the function OpCode (called from decompileSETMEMBER) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file. | ||
| CVE-2021-34339 | 0.00 | — | 0.01 | Mar 7, 2022 | Ming 0.4.8 has an out-of-bounds buffer access issue in the function getString() in decompiler.c file that causes a direct segmentation fault and leads to denial of service. | |||
| CVE-2021-34340 | 0.00 | — | 0.01 | Mar 7, 2022 | Ming 0.4.8 has an out-of-bounds buffer access issue in the function decompileINCR_DECR() in decompiler.c file that causes a direct segmentation fault and leads to denial of service. | |||
| CVE-2021-34341 | 0.00 | — | 0.01 | Mar 7, 2022 | Ming 0.4.8 has an out-of-bounds read vulnerability in the function decompileIF() in the decompile.c file that causes a direct segmentation fault and leads to denial of service. | |||
| CVE-2019-9114 | 0.00 | — | 0.01 | Feb 25, 2019 | Ming (aka libming) 0.4.8 has an out of bounds write vulnerability in the function strcpyext() in the decompile.c file in libutil.a. |
- risk 0.42cvss 6.5epss 0.01
A memory leak was found in the function parseSWF_SHAPEWITHSTYLE in util/parser.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.
- risk 0.42cvss 6.5epss 0.01
A heap-based buffer over-read was found in the function decompileIF in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.
- risk 0.42cvss 6.5epss 0.01
A memory leak vulnerability was found in the function parseSWF_DOACTION in util/parser.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.
- risk 0.36cvss 5.5epss 0.01
A heap-based buffer over-read was found in the function decompileCALLFUNCTION in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.
- risk 0.36cvss 5.5epss 0.01
A null pointer dereference vulnerability was found in the function stackswap (called from decompileSTACKSWAP) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.
- risk 0.36cvss 5.5epss 0.01
A heap-based buffer overflow vulnerability was found in the function dcputs (called from decompileIMPLEMENTS) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.
- risk 0.36cvss 5.5epss 0.01
An invalid memory read vulnerability was found in the function OpCode (called from isLogicalOp and decompileIF) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.
- risk 0.36cvss 5.5epss 0.01
A heap-based buffer over-read was found in the function OpCode (called from decompileINCR_DECR line 1474) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.
- risk 0.36cvss 5.5epss 0.01
A heap-based buffer over-read was found in the function OpCode (called from decompileINCR_DECR line 1440) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.
- risk 0.36cvss 5.5epss 0.01
A heap-based buffer over-read was found in the function OpCode (called from decompileSETMEMBER) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.
- CVE-2021-34339Mar 7, 2022risk 0.00cvss —epss 0.01
Ming 0.4.8 has an out-of-bounds buffer access issue in the function getString() in decompiler.c file that causes a direct segmentation fault and leads to denial of service.
- CVE-2021-34340Mar 7, 2022risk 0.00cvss —epss 0.01
Ming 0.4.8 has an out-of-bounds buffer access issue in the function decompileINCR_DECR() in decompiler.c file that causes a direct segmentation fault and leads to denial of service.
- CVE-2021-34341Mar 7, 2022risk 0.00cvss —epss 0.01
Ming 0.4.8 has an out-of-bounds read vulnerability in the function decompileIF() in the decompile.c file that causes a direct segmentation fault and leads to denial of service.
- CVE-2019-9114Feb 25, 2019risk 0.00cvss —epss 0.01
Ming (aka libming) 0.4.8 has an out of bounds write vulnerability in the function strcpyext() in the decompile.c file in libutil.a.