5.5

CVE-2017-11733

A null pointer dereference vulnerability was found in the function stackswap (called from decompileSTACKSWAP) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LibmingMing Version0.4.8
DebianDebian Linux Version7.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.98% 0.576
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:N/A:P
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://lists.debian.org/debian-lts-announce/2017/11/msg00022.html
Third Party Advisory
Mailing List
https://security.gentoo.org/glsa/201904-24
Third Party Advisory
http://somevulnsofadlab.blogspot.jp/2017/07/libmingnull-pointer-dereference-in.html
Third Party Advisory
https://github.com/libming/libming/issues/78
Third Party Advisory