Vulnerabilities > Libming > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-13 | CVE-2018-11017 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libming The newVar_N function in decompile.c in libming through 0.4.8 mishandles cases where the header indicates a file size greater than the actual size, which allows remote attackers to cause a denial of service (Segmentation fault and application crash) or possibly have unspecified other impact. | 8.8 |
| 2018-03-25 | CVE-2018-9009 | Use After Free vulnerability in multiple products In libming 0.4.8, there is a use-after-free in the decompileJUMP function of the decompile.c file. | 8.8 |
| 2018-03-08 | CVE-2018-7871 | Out-of-bounds Read vulnerability in multiple products There is a heap-based buffer over-read in the getName function of util/decompile.c in libming 0.4.8 for CONSTANT16 data. | 8.8 |
| 2018-03-08 | CVE-2018-7869 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products There is a memory leak triggered in the function dcinit of util/decompile.c in libming 0.4.8, which will lead to a denial of service attack. | 7.5 |
| 2018-01-27 | CVE-2018-6359 | Use After Free vulnerability in multiple products The decompileIF function (util/decompile.c) in libming through 0.4.8 is vulnerable to a use-after-free, which may allow attackers to cause a denial of service or unspecified other impact via a crafted SWF file. | 8.8 |
| 2018-01-27 | CVE-2018-6358 | Out-of-bounds Write vulnerability in multiple products The printDefineFont2 function (util/listfdb.c) in libming through 0.4.8 is vulnerable to a heap-based buffer overflow, which may allow attackers to cause a denial of service or unspecified other impact via a crafted FDB file. | 8.8 |
| 2018-01-25 | CVE-2018-6315 | Integer Overflow or Wraparound vulnerability in multiple products The outputSWF_TEXT_RECORD function (util/outputscript.c) in libming through 0.4.8 is vulnerable to an integer overflow and resultant out-of-bounds read, which may allow attackers to cause a denial of service or unspecified other impact via a crafted SWF file. | 8.8 |
| 2017-04-07 | CVE-2017-7578 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libming 0.4.7 Multiple heap-based buffer overflows in parser.c in libming 0.4.7 allow remote attackers to cause a denial of service (listswf application crash) or possibly have unspecified other impact via a crafted SWF file. | 7.8 |
| 2017-02-17 | CVE-2016-9831 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libming Heap-based buffer overflow in the parseSWF_RGBA function in parser.c in the listswf tool in libming 0.4.7 allows remote attackers to have unspecified impact via a crafted SWF file. | 7.8 |
| 2017-02-17 | CVE-2016-9829 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libming Heap-based buffer overflow in the parseSWF_DEFINEFONT function in parser.c in the listswf tool in libming 0.4.7 allows remote attackers to have unspecified impact via a crafted SWF file. | 7.8 |