Ming@0.4.8 Security Vulnerabilities and Issues — Ming@0.4.8 CVE List

Lucene search

LibmingMing0.4.8

17 matches found

CVE•added 2022/03/10 5:42 p.m.•81 views

CVE-2021-34342

Ming 0.4.8 has an out-of-bounds read vulnerability in the function newVar_N() in decompile.c which causes a huge information leak.

6.5CVSS6.2AI score0.00265EPSS

CVE•added 2022/03/10 5:42 p.m.•71 views

CVE-2021-34341

Ming 0.4.8 has an out-of-bounds read vulnerability in the function decompileIF() in the decompile.c file that causes a direct segmentation fault and leads to denial of service.

6.5CVSS6.3AI score0.00226EPSS

CVE•added 2017/07/29 5:29 a.m.•66 views

CVE-2017-11730

A heap-based buffer over-read was found in the function OpCode (called from decompileINCR_DECR line 1474) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.

5.5CVSS6.2AI score0.00205EPSS

CVE•added 2022/03/10 5:42 p.m.•66 views

CVE-2021-34340

Ming 0.4.8 has an out-of-bounds buffer access issue in the function decompileINCR_DECR() in decompiler.c file that causes a direct segmentation fault and leads to denial of service.

6.5CVSS6.4AI score0.00226EPSS

CVE•added 2017/07/29 5:29 a.m.•62 views

CVE-2017-11734

A heap-based buffer over-read was found in the function decompileCALLFUNCTION in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.

5.5CVSS6.2AI score0.0019EPSS

CVE•added 2017/07/29 5:29 a.m.•57 views

CVE-2017-11733

A null pointer dereference vulnerability was found in the function stackswap (called from decompileSTACKSWAP) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.

5.5CVSS6.1AI score0.00318EPSS

CVE•added 2017/07/29 5:29 a.m.•56 views

CVE-2017-11731

An invalid memory read vulnerability was found in the function OpCode (called from isLogicalOp and decompileIF) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.

5.5CVSS6.1AI score0.00208EPSS

CVE•added 2017/07/29 5:29 a.m.•55 views

CVE-2017-11728

A heap-based buffer over-read was found in the function OpCode (called from decompileSETMEMBER) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.

5.5CVSS6.2AI score0.00208EPSS

CVE•added 2017/07/29 5:29 a.m.•52 views

CVE-2017-11729

A heap-based buffer over-read was found in the function OpCode (called from decompileINCR_DECR line 1440) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.

5.5CVSS6.2AI score0.00205EPSS

CVE•added 2017/07/29 5:29 a.m.•52 views

CVE-2017-11732

A heap-based buffer overflow vulnerability was found in the function dcputs (called from decompileIMPLEMENTS) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.

5.5CVSS6.4AI score0.00215EPSS

CVE•added 2022/03/10 5:42 p.m.•50 views

CVE-2021-34338

Ming 0.4.8 has an out-of-bounds buffer overwrite issue in the function getName() in decompiler.c file that causes a direct segmentation fault and leads to denial of service.

6.5CVSS6.4AI score0.00226EPSS

CVE•added 2022/03/10 5:42 p.m.•49 views

CVE-2021-34339

Ming 0.4.8 has an out-of-bounds buffer access issue in the function getString() in decompiler.c file that causes a direct segmentation fault and leads to denial of service.

6.5CVSS6.4AI score0.00226EPSS

CVE•added 2017/07/28 5:29 a.m.•46 views

CVE-2017-11704

A heap-based buffer over-read was found in the function decompileIF in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.

6.5CVSS6.8AI score0.00284EPSS

CVE•added 2017/07/28 5:29 a.m.•44 views

CVE-2017-11703

A memory leak vulnerability was found in the function parseSWF_DOACTION in util/parser.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.

6.5CVSS6.1AI score0.00308EPSS

CVE•added 2019/02/25 4:29 a.m.•41 views

CVE-2019-9113

Ming (aka libming) 0.4.8 has a NULL pointer dereference in the function getString() in the decompile.c file in libutil.a.

8.8CVSS8.6AI score0.00285EPSS

CVE•added 2019/02/25 4:29 a.m.•41 views

CVE-2019-9114

Ming (aka libming) 0.4.8 has an out of bounds write vulnerability in the function strcpyext() in the decompile.c file in libutil.a.

8.8CVSS8.8AI score0.00332EPSS

CVE•added 2017/07/28 5:29 a.m.•40 views

CVE-2017-11705

A memory leak was found in the function parseSWF_SHAPEWITHSTYLE in util/parser.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.

6.5CVSS6.1AI score0.00308EPSS