VYPR
Vendor

Ming

Products
3
CVEs
6
Across products
6
Status
Private

Products

3

Recent CVEs

6
  • CVE-2017-11705MedJul 28, 2017
    risk 0.42cvss 6.5epss 0.01

    A memory leak was found in the function parseSWF_SHAPEWITHSTYLE in util/parser.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.

  • CVE-2017-11703MedJul 28, 2017
    risk 0.42cvss 6.5epss 0.01

    A memory leak vulnerability was found in the function parseSWF_DOACTION in util/parser.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.

  • CVE-2017-11734MedJul 29, 2017
    risk 0.36cvss 5.5epss 0.01

    A heap-based buffer over-read was found in the function decompileCALLFUNCTION in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.

  • CVE-2017-11728MedJul 29, 2017
    risk 0.36cvss 5.5epss 0.01

    A heap-based buffer over-read was found in the function OpCode (called from decompileSETMEMBER) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.

  • CVE-2019-12980MedJun 26, 2019
    risk 0.00cvss 6.5epss 0.01

    In Ming (aka libming) 0.4.8, there is an integer overflow (caused by an out-of-range left shift) in the SWFInput_readSBits function in blocks/input.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted swf file.

  • CVE-2011-4705Jan 25, 2012
    risk 0.00cvss epss 0.01

    The Ming Blacklist Free (vc.software.blacklist) application 1.8.1 and 1.9.2.1 for Android does not properly protect data, which allows remote attackers to read or modify blacklists and a contact list via a crafted application that launches a "data-flow attack."