VDB
GCVE-110-MAGEIA-2018-212
GCVE-110-MAGEIA-2018-212
Advisory Published
The readString function in util/read.c and util/old/read.c in libming
0.4.8 allows remote attackers to cause a denial of service via a large
file that is mishandled by listswf, listaction, etc. This occurs
because of an integer overflow that leads to a memory allocation error.
(CVE-2017-8782)
The readEncUInt30 function in util/read.c in libming 0.4.8 mishandles
memory allocation. A crafted input will lead to a remote denial of
service (NULL pointer dereference) attack against parser.c.
(CVE-2017-9988)
util/outputtxt.c in libming 0.4.8 mishandles memory allocation. A
crafted input will lead to a remote denial of service (NULL pointer
dereference) attack. (CVE-2017-9989)
A heap-based buffer over-read was found in the function decompileIF in
util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial
of service via a crafted file. (CVE-2017-11704)
A heap-based buffer over-read was found in the function OpCode (called
from decompileSETMEMBER) in util/decompile.c in Ming 0.4.8, which allows
attackers to cause a denial of service via a crafted file.
(CVE-2017-11728)
A heap-based buffer over-read was found in the function OpCode (called
from decompileINCR_DECR line 1440) in util/decompile.c in Ming 0.4.8,
which allows attackers to cause a denial of service via a crafted file.
(CVE-2017-11729)
A heap-based buffer over-read was found in the function OpCode (called
from decompileINCR_DECR line 1474) in util/decompile.c in Ming 0.4.8,
which allows attackers to cause a denial of service via a crafted file.
(CVE-2017-11730)
An invalid memory read vulnerability was found in the function OpCode
(called from isLogicalOp and decompileIF) in util/decompile.c in Ming
0.4.8, which allows attackers to cause a denial of service via a crafted
file. (CVE-2017-11731)
A heap-based buffer overflow vulnerability was found in the function
dcputs (called from decompileIMPLEMENTS) in util/decompile.c in Ming
0.4.8, which allows attackers to cause a denial of service via a
crafted file. (CVE-2017-11732)
A null pointer dereference vulnerability was found in the function
stackswap (called from decompileSTACKSWAP) in util/decompile.c in Ming
0.4.8, which allows attackers to cause a denial of service via a crafted
file. (CVE-2017-11733)
A heap-based buffer over-read was found in the function
decompileCALLFUNCTION in util/decompile.c in Ming 0.4.8, which allows
attackers to cause a denial of service via a crafted file.
(CVE-2017-11734)
The outputSWF_TEXT_RECORD function in util/outputscript.c in libming <=
0.4.8 is vulnerable to a NULL pointer dereference, which may allow
attackers to cause a denial of service via a crafted swf file.
(CVE-2017-16883)
The printMP3Headers function in util/listmp3.c in libming v0.4.8 or
earlier is vulnerable to a global buffer overflow, which may allow
attackers to cause a denial of service via a crafted file, a different
vulnerability than CVE-2016-9264. (CVE-2017-16898)
In libming 0.4.8, there is an integer signedness error vulnerability
(left shift of a negative value) in the readSBits function
(util/read.c). Remote attackers can leverage this vulnerability to
cause a denial of service via a crafted swf file. (CVE-2018-5251)
In libming 0.4.8, there is an integer overflow (caused by an
out-of-range left shift) in the readUInt32 function (util/read.c).
Remote attackers could leverage this vulnerability to cause a
denial-of-service via a crafted swf file. (CVE-2018-5294)
The outputSWF_TEXT_RECORD function (util/outputscript.c) in libming
through 0.4.8 is vulnerable to an integer overflow and resultant
out-of-bounds read, which may allow attackers to cause a denial of
service or unspecified other impact via a crafted SWF file.
(CVE-2018-6315)
The decompileIF function (util/decompile.c) in libming through 0.4.8
is vulnerable to a use-after-free, which may allow attackers to cause a
denial of service or unspecified other impact via a crafted SWF file.
(CVE-2018-6359)
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | ming | 0.4.5-14.1.mga6 (unaffected), 0 (affected) | — |
References
Browse GCVE Records
72,337 records in the GCVE database · Updated July 14, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.