Libming

Libming

105 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2018-5294

  • EPSS 0.62%
  • Published 08.01.2018 07:29:00
  • Last modified 21.11.2024 04:08:31

In libming 0.4.8, there is an integer overflow (caused by an out-of-range left shift) in the readUInt32 function (util/read.c). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted swf file.

6.5

CVE-2018-5251

Exploit
  • EPSS 0.56%
  • Published 05.01.2018 20:29:00
  • Last modified 21.11.2024 04:08:25

In libming 0.4.8, there is an integer signedness error vulnerability (left shift of a negative value) in the readSBits function (util/read.c). Remote attackers can leverage this vulnerability to cause a denial of service via a crafted swf file.

5.5

CVE-2017-16898

  • EPSS 0.15%
  • Published 20.11.2017 17:29:00
  • Last modified 20.04.2025 01:37:25

The printMP3Headers function in util/listmp3.c in libming v0.4.8 or earlier is vulnerable to a global buffer overflow, which may allow attackers to cause a denial of service via a crafted file, a different vulnerability than CVE-2016-9264.

6.5

CVE-2017-16883

  • EPSS 0.32%
  • Published 18.11.2017 18:29:00
  • Last modified 20.04.2025 01:37:25

The outputSWF_TEXT_RECORD function in util/outputscript.c in libming <= 0.4.8 is vulnerable to a NULL pointer dereference, which may allow attackers to cause a denial of service via a crafted swf file.

6.5

CVE-2017-9988

Exploit
  • EPSS 0.63%
  • Published 28.06.2017 06:29:00
  • Last modified 20.04.2025 01:37:25

The readEncUInt30 function in util/read.c in libming 0.4.8 mishandles memory allocation. A crafted input will lead to a remote denial of service (NULL pointer dereference) attack against parser.c.

6.5

CVE-2017-9989

Exploit
  • EPSS 0.63%
  • Published 28.06.2017 06:29:00
  • Last modified 20.04.2025 01:37:25

util/outputtxt.c in libming 0.4.8 mishandles memory allocation. A crafted input will lead to a remote denial of service (NULL pointer dereference) attack.

6.5

CVE-2017-8782

Exploit
  • EPSS 0.42%
  • Published 31.05.2017 04:29:00
  • Last modified 20.04.2025 01:37:25

The readString function in util/read.c and util/old/read.c in libming 0.4.8 allows remote attackers to cause a denial of service via a large file that is mishandled by listswf, listaction, etc. This occurs because of an integer overflow that leads to...

7.8

CVE-2017-7578

  • EPSS 0.35%
  • Published 07.04.2017 04:59:00
  • Last modified 20.04.2025 01:37:25

Multiple heap-based buffer overflows in parser.c in libming 0.4.7 allow remote attackers to cause a denial of service (listswf application crash) or possibly have unspecified other impact via a crafted SWF file. NOTE: this issue exists because of an ...

5.5

CVE-2016-9264

  • EPSS 0.24%
  • Published 23.03.2017 18:59:00
  • Last modified 20.04.2025 01:37:25

Buffer overflow in the printMP3Headers function in listmp3.c in Libming 0.4.7 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mp3 file.

5.5

CVE-2016-9265

  • EPSS 0.22%
  • Published 23.03.2017 18:59:00
  • Last modified 20.04.2025 01:37:25

The printMP3Headers function in listmp3.c in Libming 0.4.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted mp3 file.