Vulnerabilites related to libming - ming
Vulnerability from fkie_nvd
Published
2017-07-29 05:29
Modified
2024-11-21 03:08
Severity ?
Summary
A heap-based buffer over-read was found in the function OpCode (called from decompileINCR_DECR line 1474) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in-opcode_24.html | Third Party Advisory | |
cve@mitre.org | https://github.com/libming/libming/issues/81 | Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/201904-24 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in-opcode_24.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/libming/libming/issues/81 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201904-24 | Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libming:ming:0.4.8:*:*:*:*:*:*:*", matchCriteriaId: "B2ADA512-48F0-4FC4-8614-0212A9799B56", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A heap-based buffer over-read was found in the function OpCode (called from decompileINCR_DECR line 1474) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.", }, { lang: "es", value: "Se ha encontrado una vulnerabilidad de sobrelectura de búfer basada en memoria dinámica (heap) en la función OpCode (cuando se llama desde decompileINCR_DECR line 1474) en util/decompile.c en la versión 0.4.8 de Ming, que permite a los atacantes provocar la denegación del servicio mediante un fichero especialmente diseñado.", }, ], id: "CVE-2017-11730", lastModified: "2024-11-21T03:08:23.170", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-07-29T05:29:00.343", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in-opcode_24.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/libming/libming/issues/81", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201904-24", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in-opcode_24.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/libming/libming/issues/81", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201904-24", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-02-25 04:29
Modified
2024-11-21 04:51
Severity ?
Summary
Ming (aka libming) 0.4.8 has a NULL pointer dereference in the function getString() in the decompile.c file in libutil.a.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://github.com/libming/libming/issues/171 | Exploit, Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/libming/libming/issues/171 | Exploit, Issue Tracking, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libming:ming:0.4.8:*:*:*:*:*:*:*", matchCriteriaId: "B2ADA512-48F0-4FC4-8614-0212A9799B56", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Ming (aka libming) 0.4.8 has a NULL pointer dereference in the function getString() in the decompile.c file in libutil.a.", }, { lang: "es", value: "Ming (también conocido como libming) 0.4.8 tiene una desreferencia de puntero NULL en la función getString() del archivo decompile.c en libutil.a.", }, ], id: "CVE-2019-9113", lastModified: "2024-11-21T04:51:00.673", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-02-25T04:29:00.463", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://github.com/libming/libming/issues/171", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://github.com/libming/libming/issues/171", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-02-25 04:29
Modified
2024-11-21 04:51
Severity ?
Summary
Ming (aka libming) 0.4.8 has an out of bounds write vulnerability in the function strcpyext() in the decompile.c file in libutil.a.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://github.com/libming/libming/issues/170 | Exploit, Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/libming/libming/issues/170 | Exploit, Issue Tracking, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libming:ming:0.4.8:*:*:*:*:*:*:*", matchCriteriaId: "B2ADA512-48F0-4FC4-8614-0212A9799B56", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Ming (aka libming) 0.4.8 has an out of bounds write vulnerability in the function strcpyext() in the decompile.c file in libutil.a.", }, { lang: "es", value: "Ming (también conocido como libming) 0.4.8 tiene una vulnerabilidad de escritura fuera de límites en la función strcpyext() del archivo decompile.c en libutil.a.", }, ], id: "CVE-2019-9114", lastModified: "2024-11-21T04:51:00.810", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-02-25T04:29:00.497", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://github.com/libming/libming/issues/170", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://github.com/libming/libming/issues/170", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-07-29 05:29
Modified
2024-11-21 03:08
Severity ?
Summary
An invalid memory read vulnerability was found in the function OpCode (called from isLogicalOp and decompileIF) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://somevulnsofadlab.blogspot.jp/2017/07/libminginvalid-memory-read-in-opcode.html | Third Party Advisory | |
cve@mitre.org | https://github.com/libming/libming/issues/84 | Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/201904-24 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://somevulnsofadlab.blogspot.jp/2017/07/libminginvalid-memory-read-in-opcode.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/libming/libming/issues/84 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201904-24 | Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libming:ming:0.4.8:*:*:*:*:*:*:*", matchCriteriaId: "B2ADA512-48F0-4FC4-8614-0212A9799B56", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An invalid memory read vulnerability was found in the function OpCode (called from isLogicalOp and decompileIF) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.", }, { lang: "es", value: "Se ha encontrado una vulnerabilidad de lectura de memoria no válida en la función OpCode (cuando se llama desde isLogicalOp y decompileIF) en util/decompile.c en la versión 0.4.8 de Ming, que permite a los atacantes provocar la denegación del servicio mediante un fichero especialmente diseñado.", }, ], id: "CVE-2017-11731", lastModified: "2024-11-21T03:08:23.320", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-07-29T05:29:00.373", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://somevulnsofadlab.blogspot.jp/2017/07/libminginvalid-memory-read-in-opcode.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/libming/libming/issues/84", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201904-24", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://somevulnsofadlab.blogspot.jp/2017/07/libminginvalid-memory-read-in-opcode.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/libming/libming/issues/84", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201904-24", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-07-29 05:29
Modified
2024-11-21 03:08
Severity ?
Summary
A null pointer dereference vulnerability was found in the function stackswap (called from decompileSTACKSWAP) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://somevulnsofadlab.blogspot.jp/2017/07/libmingnull-pointer-dereference-in.html | Third Party Advisory | |
cve@mitre.org | https://github.com/libming/libming/issues/78 | Third Party Advisory | |
cve@mitre.org | https://lists.debian.org/debian-lts-announce/2017/11/msg00022.html | Mailing List, Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/201904-24 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://somevulnsofadlab.blogspot.jp/2017/07/libmingnull-pointer-dereference-in.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/libming/libming/issues/78 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2017/11/msg00022.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201904-24 | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libming | ming | 0.4.8 | |
debian | debian_linux | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libming:ming:0.4.8:*:*:*:*:*:*:*", matchCriteriaId: "B2ADA512-48F0-4FC4-8614-0212A9799B56", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A null pointer dereference vulnerability was found in the function stackswap (called from decompileSTACKSWAP) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.", }, { lang: "es", value: "Se ha encontrado una vulnerabilidad de desreferencia de puntero NULL en la función stackswap (cuando se llama desde decompileSTACKSWAP) en util/decompile.c en la versión 0.4.8 de Ming, que permite a los atacantes provocar la denegación del servicio mediante un fichero especialmente diseñado.", }, ], id: "CVE-2017-11733", lastModified: "2024-11-21T03:08:23.633", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-07-29T05:29:00.437", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingnull-pointer-dereference-in.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/libming/libming/issues/78", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2017/11/msg00022.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201904-24", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingnull-pointer-dereference-in.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/libming/libming/issues/78", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2017/11/msg00022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201904-24", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-07-28 05:29
Modified
2024-11-21 03:08
Severity ?
Summary
A memory leak vulnerability was found in the function parseSWF_DOACTION in util/parser.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://somevulnsofadlab.blogspot.jp/2017/07/libmingmemory-leak-in-parseswfdoaction.html | Exploit, Third Party Advisory | |
cve@mitre.org | https://github.com/libming/libming/issues/72 | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://somevulnsofadlab.blogspot.jp/2017/07/libmingmemory-leak-in-parseswfdoaction.html | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/libming/libming/issues/72 | Exploit, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libming:ming:0.4.8:*:*:*:*:*:*:*", matchCriteriaId: "B2ADA512-48F0-4FC4-8614-0212A9799B56", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A memory leak vulnerability was found in the function parseSWF_DOACTION in util/parser.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.", }, { lang: "es", value: "Se encontró una vulnerabilidad de perdida de memoria en la función parseSWF_DOACTION del archivo útil/parser.c en Ming versión 0.4.8, que permite a los atacantes causar una denegación de servicio por medio de un archivo creado.", }, ], id: "CVE-2017-11703", lastModified: "2024-11-21T03:08:20.070", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-07-28T05:29:00.513", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingmemory-leak-in-parseswfdoaction.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/libming/libming/issues/72", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingmemory-leak-in-parseswfdoaction.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/libming/libming/issues/72", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-772", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-07-29 05:29
Modified
2024-11-21 03:08
Severity ?
Summary
A heap-based buffer overflow vulnerability was found in the function dcputs (called from decompileIMPLEMENTS) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in-dcputs.html | Third Party Advisory | |
cve@mitre.org | https://github.com/libming/libming/issues/80 | Third Party Advisory | |
cve@mitre.org | https://lists.debian.org/debian-lts-announce/2018/01/msg00014.html | Mailing List, Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/201904-24 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in-dcputs.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/libming/libming/issues/80 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2018/01/msg00014.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201904-24 | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libming | ming | 0.4.8 | |
debian | debian_linux | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libming:ming:0.4.8:*:*:*:*:*:*:*", matchCriteriaId: "B2ADA512-48F0-4FC4-8614-0212A9799B56", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A heap-based buffer overflow vulnerability was found in the function dcputs (called from decompileIMPLEMENTS) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.", }, { lang: "es", value: "Se ha encontrado una vulnerabilidad de desbordamiento de búfer basado en memoria dinámica (heap) en la función dcputs (cuando se llama desde decompileIMPLEMENTS) en util/decompile.c en la versión 0.4.8 de Ming, que permite a los atacantes provocar la denegación del servicio mediante un fichero especialmente diseñado.", }, ], id: "CVE-2017-11732", lastModified: "2024-11-21T03:08:23.470", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-07-29T05:29:00.407", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in-dcputs.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/libming/libming/issues/80", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2018/01/msg00014.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201904-24", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in-dcputs.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/libming/libming/issues/80", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2018/01/msg00014.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201904-24", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-03-10 17:42
Modified
2024-11-21 06:10
Severity ?
Summary
Ming 0.4.8 has an out-of-bounds buffer access issue in the function decompileINCR_DECR() in decompiler.c file that causes a direct segmentation fault and leads to denial of service.
References
▼ | URL | Tags | |
---|---|---|---|
patrick@puiterwijk.org | https://bugzilla.redhat.com/show_bug.cgi?id=1969612 | Issue Tracking | |
patrick@puiterwijk.org | https://github.com/libming/libming/issues/203 | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1969612 | Issue Tracking | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/libming/libming/issues/203 | Exploit, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libming | ming | 0.4.8 | |
fedoraproject | fedora | 35 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libming:ming:0.4.8:*:*:*:*:*:*:*", matchCriteriaId: "B2ADA512-48F0-4FC4-8614-0212A9799B56", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Ming 0.4.8 has an out-of-bounds buffer access issue in the function decompileINCR_DECR() in decompiler.c file that causes a direct segmentation fault and leads to denial of service.", }, { lang: "es", value: "Ming versión 0.4.8, presenta un problema de acceso al búfer fuera de límites en la función decompileINCR_DECR() del archivo decompiler.c que causa un fallo de segmentación directo y conlleva a una denegación de servicio", }, ], id: "CVE-2021-34340", lastModified: "2024-11-21T06:10:12.013", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-03-10T17:42:37.657", references: [ { source: "patrick@puiterwijk.org", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1969612", }, { source: "patrick@puiterwijk.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/libming/libming/issues/203", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1969612", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/libming/libming/issues/203", }, ], sourceIdentifier: "patrick@puiterwijk.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "patrick@puiterwijk.org", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-03-10 17:42
Modified
2024-11-21 06:10
Severity ?
Summary
Ming 0.4.8 has an out-of-bounds read vulnerability in the function decompileIF() in the decompile.c file that causes a direct segmentation fault and leads to denial of service.
References
▼ | URL | Tags | |
---|---|---|---|
patrick@puiterwijk.org | https://bugzilla.redhat.com/show_bug.cgi?id=1969628 | Issue Tracking | |
patrick@puiterwijk.org | https://github.com/libming/libming/issues/204 | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1969628 | Issue Tracking | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/libming/libming/issues/204 | Exploit, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libming | ming | 0.4.8 | |
fedoraproject | fedora | 35 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libming:ming:0.4.8:*:*:*:*:*:*:*", matchCriteriaId: "B2ADA512-48F0-4FC4-8614-0212A9799B56", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Ming 0.4.8 has an out-of-bounds read vulnerability in the function decompileIF() in the decompile.c file that causes a direct segmentation fault and leads to denial of service.", }, { lang: "es", value: "Ming versión 0.4.8, presenta una vulnerabilidad de lectura fuera de límites en la función decompileIF() del archivo decompile.c que causa un fallo de segmentación directa y conlleva a una denegación de servicio", }, ], id: "CVE-2021-34341", lastModified: "2024-11-21T06:10:12.147", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-03-10T17:42:37.920", references: [ { source: "patrick@puiterwijk.org", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1969628", }, { source: "patrick@puiterwijk.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/libming/libming/issues/204", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1969628", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/libming/libming/issues/204", }, ], sourceIdentifier: "patrick@puiterwijk.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "patrick@puiterwijk.org", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-07-29 05:29
Modified
2024-11-21 03:08
Severity ?
Summary
A heap-based buffer over-read was found in the function OpCode (called from decompileINCR_DECR line 1440) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in-opcode.html | Third Party Advisory | |
cve@mitre.org | https://github.com/libming/libming/issues/79 | Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/201904-24 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in-opcode.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/libming/libming/issues/79 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201904-24 | Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libming:ming:0.4.8:*:*:*:*:*:*:*", matchCriteriaId: "B2ADA512-48F0-4FC4-8614-0212A9799B56", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A heap-based buffer over-read was found in the function OpCode (called from decompileINCR_DECR line 1440) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.", }, { lang: "es", value: "Se ha encontrado una vulnerabilidad de desreferencia de puntero NULL en la función OpCode (cuando se llama desde decompileINCR_DECR line 1440) en util/decompile.c en la versión 0.4.8 de Ming, que permite a los atacantes provocar la denegación del servicio mediante un fichero especialmente diseñado.", }, ], id: "CVE-2017-11729", lastModified: "2024-11-21T03:08:23.023", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-07-29T05:29:00.310", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in-opcode.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/libming/libming/issues/79", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201904-24", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in-opcode.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/libming/libming/issues/79", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201904-24", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-07-28 05:29
Modified
2024-11-21 03:08
Severity ?
Summary
A memory leak was found in the function parseSWF_SHAPEWITHSTYLE in util/parser.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://somevulnsofadlab.blogspot.jp/2017/07/libmingmemory-leak-in.html | Exploit, Third Party Advisory | |
cve@mitre.org | https://github.com/libming/libming/issues/71 | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://somevulnsofadlab.blogspot.jp/2017/07/libmingmemory-leak-in.html | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/libming/libming/issues/71 | Exploit, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libming:ming:0.4.8:*:*:*:*:*:*:*", matchCriteriaId: "B2ADA512-48F0-4FC4-8614-0212A9799B56", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A memory leak was found in the function parseSWF_SHAPEWITHSTYLE in util/parser.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.", }, { lang: "es", value: "Se encontró una perdida de memoria en la función parseSWF_SHAPEWITHSTYLE en el archivo útil/parser.c en Ming versión 0.4.8, lo que permite a los atacantes causar una denegación de servicio por medio de un archivo creado.", }, ], id: "CVE-2017-11705", lastModified: "2024-11-21T03:08:20.387", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-07-28T05:29:00.683", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingmemory-leak-in.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/libming/libming/issues/71", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingmemory-leak-in.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/libming/libming/issues/71", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-772", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-03-10 17:42
Modified
2024-11-21 06:10
Severity ?
Summary
Ming 0.4.8 has an out-of-bounds buffer overwrite issue in the function getName() in decompiler.c file that causes a direct segmentation fault and leads to denial of service.
References
▼ | URL | Tags | |
---|---|---|---|
patrick@puiterwijk.org | https://bugzilla.redhat.com/show_bug.cgi?id=1969616 | Issue Tracking, Third Party Advisory | |
patrick@puiterwijk.org | https://github.com/libming/libming/issues/201 | Exploit, Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1969616 | Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/libming/libming/issues/201 | Exploit, Issue Tracking, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libming | ming | 0.4.8 | |
fedoraproject | fedora | 35 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libming:ming:0.4.8:*:*:*:*:*:*:*", matchCriteriaId: "B2ADA512-48F0-4FC4-8614-0212A9799B56", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Ming 0.4.8 has an out-of-bounds buffer overwrite issue in the function getName() in decompiler.c file that causes a direct segmentation fault and leads to denial of service.", }, { lang: "es", value: "Ming versión 0.4.8, presenta un problema de sobreescritura de búfer fuera de límites en la función getName() del archivo decompiler.c que causa un fallo de segmentación directo y conlleva a una denegación de servicio", }, ], id: "CVE-2021-34338", lastModified: "2024-11-21T06:10:11.753", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-03-10T17:42:36.847", references: [ { source: "patrick@puiterwijk.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1969616", }, { source: "patrick@puiterwijk.org", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://github.com/libming/libming/issues/201", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1969616", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://github.com/libming/libming/issues/201", }, ], sourceIdentifier: "patrick@puiterwijk.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "patrick@puiterwijk.org", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-07-28 05:29
Modified
2024-11-21 03:08
Severity ?
Summary
A heap-based buffer over-read was found in the function decompileIF in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in.html | Exploit, Third Party Advisory | |
cve@mitre.org | https://github.com/libming/libming/issues/76 | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in.html | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/libming/libming/issues/76 | Exploit, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libming:ming:0.4.8:*:*:*:*:*:*:*", matchCriteriaId: "B2ADA512-48F0-4FC4-8614-0212A9799B56", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A heap-based buffer over-read was found in the function decompileIF in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.", }, { lang: "es", value: "Se encontró una lectura en exceso del búfer en la región heap de la memoria en la función decompileIF en el archivo útil/decompile.c en Ming versión 0.4.8, que permite a los atacantes causar una denegación de servicio por medio de un archivo creado.", }, ], id: "CVE-2017-11704", lastModified: "2024-11-21T03:08:20.230", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-07-28T05:29:00.577", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/libming/libming/issues/76", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/libming/libming/issues/76", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-07-29 05:29
Modified
2024-11-21 03:08
Severity ?
Summary
A heap-based buffer over-read was found in the function OpCode (called from decompileSETMEMBER) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in-opcode_32.html | Third Party Advisory | |
cve@mitre.org | https://github.com/libming/libming/issues/82 | Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/201904-24 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in-opcode_32.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/libming/libming/issues/82 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201904-24 | Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libming:ming:0.4.8:*:*:*:*:*:*:*", matchCriteriaId: "B2ADA512-48F0-4FC4-8614-0212A9799B56", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A heap-based buffer over-read was found in the function OpCode (called from decompileSETMEMBER) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.", }, { lang: "es", value: "Se ha encontrado una vulnerabilidad de sobrelectura de búfer basada en memoria dinámica (heap) en la función OpCode (cuando se llama desde decompileSETMEMBER) en util/decompile.c en la versión 0.4.8 de Ming, que permite a los atacantes provocar la denegación del servicio mediante un fichero especialmente diseñado.", }, ], id: "CVE-2017-11728", lastModified: "2024-11-21T03:08:22.870", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-07-29T05:29:00.263", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in-opcode_32.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/libming/libming/issues/82", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201904-24", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in-opcode_32.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/libming/libming/issues/82", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201904-24", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-07-29 05:29
Modified
2024-11-21 03:08
Severity ?
Summary
A heap-based buffer over-read was found in the function decompileCALLFUNCTION in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in_24.html | Third Party Advisory | |
cve@mitre.org | https://github.com/libming/libming/issues/83 | Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/201904-24 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in_24.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/libming/libming/issues/83 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201904-24 | Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libming:ming:0.4.8:*:*:*:*:*:*:*", matchCriteriaId: "B2ADA512-48F0-4FC4-8614-0212A9799B56", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A heap-based buffer over-read was found in the function decompileCALLFUNCTION in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.", }, { lang: "es", value: "Se ha encontrado una vulnerabilidad de sobrelectura de búfer basada en memoria dinámica (heap) en la función decompileCALLFUNCTION en util/decompile.c en la versión 0.4.8 de Ming, que permite a los atacantes provocar la denegación del servicio mediante un fichero especialmente diseñado.", }, ], id: "CVE-2017-11734", lastModified: "2024-11-21T03:08:23.797", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-07-29T05:29:00.467", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in_24.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/libming/libming/issues/83", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201904-24", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in_24.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/libming/libming/issues/83", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201904-24", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-03-10 17:42
Modified
2024-11-21 06:10
Severity ?
Summary
Ming 0.4.8 has an out-of-bounds read vulnerability in the function newVar_N() in decompile.c which causes a huge information leak.
References
▼ | URL | Tags | |
---|---|---|---|
patrick@puiterwijk.org | https://bugzilla.redhat.com/show_bug.cgi?id=1969619 | Issue Tracking, Third Party Advisory | |
patrick@puiterwijk.org | https://github.com/libming/libming/issues/205 | Exploit, Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1969619 | Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/libming/libming/issues/205 | Exploit, Issue Tracking, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libming | ming | 0.4.8 | |
fedoraproject | fedora | 35 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libming:ming:0.4.8:*:*:*:*:*:*:*", matchCriteriaId: "B2ADA512-48F0-4FC4-8614-0212A9799B56", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Ming 0.4.8 has an out-of-bounds read vulnerability in the function newVar_N() in decompile.c which causes a huge information leak.", }, { lang: "es", value: "Ming versión 0.4.8, presenta una vulnerabilidad de lectura fuera de límites en la función newVar_N() en el archivo decompile.c que causa una gran filtrado de información", }, ], id: "CVE-2021-34342", lastModified: "2024-11-21T06:10:12.267", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-03-10T17:42:38.207", references: [ { source: "patrick@puiterwijk.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1969619", }, { source: "patrick@puiterwijk.org", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://github.com/libming/libming/issues/205", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1969619", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://github.com/libming/libming/issues/205", }, ], sourceIdentifier: "patrick@puiterwijk.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "patrick@puiterwijk.org", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-03-10 17:42
Modified
2024-11-21 06:10
Severity ?
Summary
Ming 0.4.8 has an out-of-bounds buffer access issue in the function getString() in decompiler.c file that causes a direct segmentation fault and leads to denial of service.
References
▼ | URL | Tags | |
---|---|---|---|
patrick@puiterwijk.org | https://bugzilla.redhat.com/show_bug.cgi?id=1969607 | Issue Tracking, Third Party Advisory | |
patrick@puiterwijk.org | https://github.com/libming/libming/issues/202 | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1969607 | Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/libming/libming/issues/202 | Exploit, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libming | ming | 0.4.8 | |
fedoraproject | fedora | 35 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libming:ming:0.4.8:*:*:*:*:*:*:*", matchCriteriaId: "B2ADA512-48F0-4FC4-8614-0212A9799B56", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Ming 0.4.8 has an out-of-bounds buffer access issue in the function getString() in decompiler.c file that causes a direct segmentation fault and leads to denial of service.", }, { lang: "es", value: "Ming versión 0.4.8, presenta un problema de acceso al búfer fuera de límites en la función getString() del archivo decompiler.c que causa un fallo de segmentación directo y conlleva a una denegación de servicio", }, ], id: "CVE-2021-34339", lastModified: "2024-11-21T06:10:11.877", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-03-10T17:42:37.283", references: [ { source: "patrick@puiterwijk.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1969607", }, { source: "patrick@puiterwijk.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/libming/libming/issues/202", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1969607", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/libming/libming/issues/202", }, ], sourceIdentifier: "patrick@puiterwijk.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "patrick@puiterwijk.org", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
cve-2017-11732
Vulnerability from cvelistv5
Published
2017-07-29 05:00
Modified
2024-08-05 18:19
Severity ?
EPSS score ?
Summary
A heap-based buffer overflow vulnerability was found in the function dcputs (called from decompileIMPLEMENTS) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.
References
▼ | URL | Tags |
---|---|---|
https://lists.debian.org/debian-lts-announce/2018/01/msg00014.html | mailing-list, x_refsource_MLIST | |
http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in-dcputs.html | x_refsource_MISC | |
https://github.com/libming/libming/issues/80 | x_refsource_MISC | |
https://security.gentoo.org/glsa/201904-24 | vendor-advisory, x_refsource_GENTOO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T18:19:38.543Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[debian-lts-announce] 20180111 [SECURITY] [DLA 1240-1] ming security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2018/01/msg00014.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in-dcputs.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/libming/libming/issues/80", }, { name: "GLSA-201904-24", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201904-24", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2017-07-29T00:00:00", descriptions: [ { lang: "en", value: "A heap-based buffer overflow vulnerability was found in the function dcputs (called from decompileIMPLEMENTS) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-04-25T01:06:02", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "[debian-lts-announce] 20180111 [SECURITY] [DLA 1240-1] ming security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2018/01/msg00014.html", }, { tags: [ "x_refsource_MISC", ], url: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in-dcputs.html", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/libming/libming/issues/80", }, { name: "GLSA-201904-24", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201904-24", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-11732", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A heap-based buffer overflow vulnerability was found in the function dcputs (called from decompileIMPLEMENTS) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "[debian-lts-announce] 20180111 [SECURITY] [DLA 1240-1] ming security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2018/01/msg00014.html", }, { name: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in-dcputs.html", refsource: "MISC", url: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in-dcputs.html", }, { name: "https://github.com/libming/libming/issues/80", refsource: "MISC", url: "https://github.com/libming/libming/issues/80", }, { name: "GLSA-201904-24", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201904-24", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-11732", datePublished: "2017-07-29T05:00:00", dateReserved: "2017-07-29T00:00:00", dateUpdated: "2024-08-05T18:19:38.543Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-11730
Vulnerability from cvelistv5
Published
2017-07-29 05:00
Modified
2024-08-05 18:19
Severity ?
EPSS score ?
Summary
A heap-based buffer over-read was found in the function OpCode (called from decompileINCR_DECR line 1474) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.
References
▼ | URL | Tags |
---|---|---|
http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in-opcode_24.html | x_refsource_MISC | |
https://github.com/libming/libming/issues/81 | x_refsource_MISC | |
https://security.gentoo.org/glsa/201904-24 | vendor-advisory, x_refsource_GENTOO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T18:19:37.730Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in-opcode_24.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/libming/libming/issues/81", }, { name: "GLSA-201904-24", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201904-24", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2017-07-29T00:00:00", descriptions: [ { lang: "en", value: "A heap-based buffer over-read was found in the function OpCode (called from decompileINCR_DECR line 1474) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-04-25T01:06:02", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in-opcode_24.html", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/libming/libming/issues/81", }, { name: "GLSA-201904-24", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201904-24", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-11730", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A heap-based buffer over-read was found in the function OpCode (called from decompileINCR_DECR line 1474) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in-opcode_24.html", refsource: "MISC", url: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in-opcode_24.html", }, { name: "https://github.com/libming/libming/issues/81", refsource: "MISC", url: "https://github.com/libming/libming/issues/81", }, { name: "GLSA-201904-24", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201904-24", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-11730", datePublished: "2017-07-29T05:00:00", dateReserved: "2017-07-29T00:00:00", dateUpdated: "2024-08-05T18:19:37.730Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-9113
Vulnerability from cvelistv5
Published
2019-02-25 04:00
Modified
2024-08-04 21:38
Severity ?
EPSS score ?
Summary
Ming (aka libming) 0.4.8 has a NULL pointer dereference in the function getString() in the decompile.c file in libutil.a.
References
▼ | URL | Tags |
---|---|---|
https://github.com/libming/libming/issues/171 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T21:38:46.313Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/libming/libming/issues/171", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2019-02-24T00:00:00", descriptions: [ { lang: "en", value: "Ming (aka libming) 0.4.8 has a NULL pointer dereference in the function getString() in the decompile.c file in libutil.a.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-02-25T04:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/libming/libming/issues/171", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-9113", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Ming (aka libming) 0.4.8 has a NULL pointer dereference in the function getString() in the decompile.c file in libutil.a.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/libming/libming/issues/171", refsource: "MISC", url: "https://github.com/libming/libming/issues/171", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-9113", datePublished: "2019-02-25T04:00:00", dateReserved: "2019-02-24T00:00:00", dateUpdated: "2024-08-04T21:38:46.313Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-11734
Vulnerability from cvelistv5
Published
2017-07-29 05:00
Modified
2024-08-05 18:19
Severity ?
EPSS score ?
Summary
A heap-based buffer over-read was found in the function decompileCALLFUNCTION in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.
References
▼ | URL | Tags |
---|---|---|
http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in_24.html | x_refsource_MISC | |
https://github.com/libming/libming/issues/83 | x_refsource_MISC | |
https://security.gentoo.org/glsa/201904-24 | vendor-advisory, x_refsource_GENTOO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T18:19:38.599Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in_24.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/libming/libming/issues/83", }, { name: "GLSA-201904-24", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201904-24", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2017-07-29T00:00:00", descriptions: [ { lang: "en", value: "A heap-based buffer over-read was found in the function decompileCALLFUNCTION in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-04-25T01:06:02", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in_24.html", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/libming/libming/issues/83", }, { name: "GLSA-201904-24", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201904-24", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-11734", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A heap-based buffer over-read was found in the function decompileCALLFUNCTION in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in_24.html", refsource: "MISC", url: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in_24.html", }, { name: "https://github.com/libming/libming/issues/83", refsource: "MISC", url: "https://github.com/libming/libming/issues/83", }, { name: "GLSA-201904-24", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201904-24", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-11734", datePublished: "2017-07-29T05:00:00", dateReserved: "2017-07-29T00:00:00", dateUpdated: "2024-08-05T18:19:38.599Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-11729
Vulnerability from cvelistv5
Published
2017-07-29 05:00
Modified
2024-08-05 18:19
Severity ?
EPSS score ?
Summary
A heap-based buffer over-read was found in the function OpCode (called from decompileINCR_DECR line 1440) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.
References
▼ | URL | Tags |
---|---|---|
http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in-opcode.html | x_refsource_MISC | |
https://github.com/libming/libming/issues/79 | x_refsource_MISC | |
https://security.gentoo.org/glsa/201904-24 | vendor-advisory, x_refsource_GENTOO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T18:19:39.059Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in-opcode.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/libming/libming/issues/79", }, { name: "GLSA-201904-24", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201904-24", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2017-07-29T00:00:00", descriptions: [ { lang: "en", value: "A heap-based buffer over-read was found in the function OpCode (called from decompileINCR_DECR line 1440) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-04-25T01:06:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in-opcode.html", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/libming/libming/issues/79", }, { name: "GLSA-201904-24", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201904-24", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-11729", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A heap-based buffer over-read was found in the function OpCode (called from decompileINCR_DECR line 1440) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in-opcode.html", refsource: "MISC", url: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in-opcode.html", }, { name: "https://github.com/libming/libming/issues/79", refsource: "MISC", url: "https://github.com/libming/libming/issues/79", }, { name: "GLSA-201904-24", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201904-24", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-11729", datePublished: "2017-07-29T05:00:00", dateReserved: "2017-07-29T00:00:00", dateUpdated: "2024-08-05T18:19:39.059Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-9114
Vulnerability from cvelistv5
Published
2019-02-25 04:00
Modified
2024-08-04 21:38
Severity ?
EPSS score ?
Summary
Ming (aka libming) 0.4.8 has an out of bounds write vulnerability in the function strcpyext() in the decompile.c file in libutil.a.
References
▼ | URL | Tags |
---|---|---|
https://github.com/libming/libming/issues/170 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T21:38:46.342Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/libming/libming/issues/170", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2019-02-24T00:00:00", descriptions: [ { lang: "en", value: "Ming (aka libming) 0.4.8 has an out of bounds write vulnerability in the function strcpyext() in the decompile.c file in libutil.a.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-02-25T04:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/libming/libming/issues/170", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-9114", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Ming (aka libming) 0.4.8 has an out of bounds write vulnerability in the function strcpyext() in the decompile.c file in libutil.a.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/libming/libming/issues/170", refsource: "MISC", url: "https://github.com/libming/libming/issues/170", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-9114", datePublished: "2019-02-25T04:00:00", dateReserved: "2019-02-24T00:00:00", dateUpdated: "2024-08-04T21:38:46.342Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-34338
Vulnerability from cvelistv5
Published
2022-03-07 22:26
Modified
2024-08-04 00:05
Severity ?
EPSS score ?
Summary
Ming 0.4.8 has an out-of-bounds buffer overwrite issue in the function getName() in decompiler.c file that causes a direct segmentation fault and leads to denial of service.
References
▼ | URL | Tags |
---|---|---|
https://github.com/libming/libming/issues/201 | x_refsource_MISC | |
https://bugzilla.redhat.com/show_bug.cgi?id=1969616 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:05:52.573Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/libming/libming/issues/201", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1969616", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "ming", vendor: "n/a", versions: [ { status: "affected", version: "Ming 0.4.8", }, ], }, ], descriptions: [ { lang: "en", value: "Ming 0.4.8 has an out-of-bounds buffer overwrite issue in the function getName() in decompiler.c file that causes a direct segmentation fault and leads to denial of service.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "(CWE-125|CWE-787)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-03-07T22:26:35", orgId: "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5", shortName: "fedora", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/libming/libming/issues/201", }, { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1969616", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "patrick@puiterwijk.org", ID: "CVE-2021-34338", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "ming", version: { version_data: [ { version_value: "Ming 0.4.8", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Ming 0.4.8 has an out-of-bounds buffer overwrite issue in the function getName() in decompiler.c file that causes a direct segmentation fault and leads to denial of service.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "(CWE-125|CWE-787)", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/libming/libming/issues/201", refsource: "MISC", url: "https://github.com/libming/libming/issues/201", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1969616", refsource: "MISC", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1969616", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5", assignerShortName: "fedora", cveId: "CVE-2021-34338", datePublished: "2022-03-07T22:26:35", dateReserved: "2021-06-08T00:00:00", dateUpdated: "2024-08-04T00:05:52.573Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-11703
Vulnerability from cvelistv5
Published
2017-07-28 05:00
Modified
2024-08-05 18:19
Severity ?
EPSS score ?
Summary
A memory leak vulnerability was found in the function parseSWF_DOACTION in util/parser.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.
References
▼ | URL | Tags |
---|---|---|
http://somevulnsofadlab.blogspot.jp/2017/07/libmingmemory-leak-in-parseswfdoaction.html | x_refsource_MISC | |
https://github.com/libming/libming/issues/72 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T18:19:38.652Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingmemory-leak-in-parseswfdoaction.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/libming/libming/issues/72", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2017-07-27T00:00:00", descriptions: [ { lang: "en", value: "A memory leak vulnerability was found in the function parseSWF_DOACTION in util/parser.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-07-28T04:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingmemory-leak-in-parseswfdoaction.html", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/libming/libming/issues/72", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-11703", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A memory leak vulnerability was found in the function parseSWF_DOACTION in util/parser.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingmemory-leak-in-parseswfdoaction.html", refsource: "MISC", url: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingmemory-leak-in-parseswfdoaction.html", }, { name: "https://github.com/libming/libming/issues/72", refsource: "MISC", url: "https://github.com/libming/libming/issues/72", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-11703", datePublished: "2017-07-28T05:00:00", dateReserved: "2017-07-27T00:00:00", dateUpdated: "2024-08-05T18:19:38.652Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-34340
Vulnerability from cvelistv5
Published
2022-03-07 22:02
Modified
2024-08-04 00:05
Severity ?
EPSS score ?
Summary
Ming 0.4.8 has an out-of-bounds buffer access issue in the function decompileINCR_DECR() in decompiler.c file that causes a direct segmentation fault and leads to denial of service.
References
▼ | URL | Tags |
---|---|---|
https://github.com/libming/libming/issues/203 | x_refsource_MISC | |
https://bugzilla.redhat.com/show_bug.cgi?id=1969612 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:05:52.501Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/libming/libming/issues/203", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1969612", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "ming", vendor: "n/a", versions: [ { status: "affected", version: "Ming 0.4.8", }, ], }, ], descriptions: [ { lang: "en", value: "Ming 0.4.8 has an out-of-bounds buffer access issue in the function decompileINCR_DECR() in decompiler.c file that causes a direct segmentation fault and leads to denial of service.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "(CWE-125|CWE-787)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-03-07T22:02:09", orgId: "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5", shortName: "fedora", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/libming/libming/issues/203", }, { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1969612", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "patrick@puiterwijk.org", ID: "CVE-2021-34340", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "ming", version: { version_data: [ { version_value: "Ming 0.4.8", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Ming 0.4.8 has an out-of-bounds buffer access issue in the function decompileINCR_DECR() in decompiler.c file that causes a direct segmentation fault and leads to denial of service.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "(CWE-125|CWE-787)", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/libming/libming/issues/203", refsource: "MISC", url: "https://github.com/libming/libming/issues/203", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1969612", refsource: "MISC", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1969612", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5", assignerShortName: "fedora", cveId: "CVE-2021-34340", datePublished: "2022-03-07T22:02:09", dateReserved: "2021-06-08T00:00:00", dateUpdated: "2024-08-04T00:05:52.501Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-34339
Vulnerability from cvelistv5
Published
2022-03-07 22:26
Modified
2024-08-04 00:05
Severity ?
EPSS score ?
Summary
Ming 0.4.8 has an out-of-bounds buffer access issue in the function getString() in decompiler.c file that causes a direct segmentation fault and leads to denial of service.
References
▼ | URL | Tags |
---|---|---|
https://github.com/libming/libming/issues/202 | x_refsource_MISC | |
https://bugzilla.redhat.com/show_bug.cgi?id=1969607 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:05:52.726Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/libming/libming/issues/202", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1969607", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "ming", vendor: "n/a", versions: [ { status: "affected", version: "Ming 0.4.8", }, ], }, ], descriptions: [ { lang: "en", value: "Ming 0.4.8 has an out-of-bounds buffer access issue in the function getString() in decompiler.c file that causes a direct segmentation fault and leads to denial of service.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "(CWE-125|CWE-787)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-03-07T22:26:20", orgId: "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5", shortName: "fedora", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/libming/libming/issues/202", }, { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1969607", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "patrick@puiterwijk.org", ID: "CVE-2021-34339", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "ming", version: { version_data: [ { version_value: "Ming 0.4.8", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Ming 0.4.8 has an out-of-bounds buffer access issue in the function getString() in decompiler.c file that causes a direct segmentation fault and leads to denial of service.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "(CWE-125|CWE-787)", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/libming/libming/issues/202", refsource: "MISC", url: "https://github.com/libming/libming/issues/202", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1969607", refsource: "MISC", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1969607", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5", assignerShortName: "fedora", cveId: "CVE-2021-34339", datePublished: "2022-03-07T22:26:20", dateReserved: "2021-06-08T00:00:00", dateUpdated: "2024-08-04T00:05:52.726Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-34342
Vulnerability from cvelistv5
Published
2022-03-07 22:01
Modified
2024-08-04 00:05
Severity ?
EPSS score ?
Summary
Ming 0.4.8 has an out-of-bounds read vulnerability in the function newVar_N() in decompile.c which causes a huge information leak.
References
▼ | URL | Tags |
---|---|---|
https://github.com/libming/libming/issues/205 | x_refsource_MISC | |
https://bugzilla.redhat.com/show_bug.cgi?id=1969619 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:05:52.568Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/libming/libming/issues/205", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1969619", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "ming", vendor: "n/a", versions: [ { status: "affected", version: "Ming 0.4.8", }, ], }, ], descriptions: [ { lang: "en", value: "Ming 0.4.8 has an out-of-bounds read vulnerability in the function newVar_N() in decompile.c which causes a huge information leak.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-03-07T22:01:05", orgId: "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5", shortName: "fedora", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/libming/libming/issues/205", }, { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1969619", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "patrick@puiterwijk.org", ID: "CVE-2021-34342", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "ming", version: { version_data: [ { version_value: "Ming 0.4.8", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Ming 0.4.8 has an out-of-bounds read vulnerability in the function newVar_N() in decompile.c which causes a huge information leak.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-125", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/libming/libming/issues/205", refsource: "MISC", url: "https://github.com/libming/libming/issues/205", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1969619", refsource: "MISC", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1969619", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5", assignerShortName: "fedora", cveId: "CVE-2021-34342", datePublished: "2022-03-07T22:01:05", dateReserved: "2021-06-08T00:00:00", dateUpdated: "2024-08-04T00:05:52.568Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-34341
Vulnerability from cvelistv5
Published
2022-03-07 22:01
Modified
2024-08-04 00:05
Severity ?
EPSS score ?
Summary
Ming 0.4.8 has an out-of-bounds read vulnerability in the function decompileIF() in the decompile.c file that causes a direct segmentation fault and leads to denial of service.
References
▼ | URL | Tags |
---|---|---|
https://github.com/libming/libming/issues/204 | x_refsource_MISC | |
https://bugzilla.redhat.com/show_bug.cgi?id=1969628 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:05:52.650Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/libming/libming/issues/204", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1969628", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "ming", vendor: "n/a", versions: [ { status: "affected", version: "Ming 0.4.8", }, ], }, ], descriptions: [ { lang: "en", value: "Ming 0.4.8 has an out-of-bounds read vulnerability in the function decompileIF() in the decompile.c file that causes a direct segmentation fault and leads to denial of service.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-03-07T22:01:52", orgId: "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5", shortName: "fedora", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/libming/libming/issues/204", }, { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1969628", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "patrick@puiterwijk.org", ID: "CVE-2021-34341", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "ming", version: { version_data: [ { version_value: "Ming 0.4.8", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Ming 0.4.8 has an out-of-bounds read vulnerability in the function decompileIF() in the decompile.c file that causes a direct segmentation fault and leads to denial of service.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-125", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/libming/libming/issues/204", refsource: "MISC", url: "https://github.com/libming/libming/issues/204", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1969628", refsource: "MISC", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1969628", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5", assignerShortName: "fedora", cveId: "CVE-2021-34341", datePublished: "2022-03-07T22:01:52", dateReserved: "2021-06-08T00:00:00", dateUpdated: "2024-08-04T00:05:52.650Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-11733
Vulnerability from cvelistv5
Published
2017-07-29 05:00
Modified
2024-08-05 18:19
Severity ?
EPSS score ?
Summary
A null pointer dereference vulnerability was found in the function stackswap (called from decompileSTACKSWAP) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.
References
▼ | URL | Tags |
---|---|---|
https://github.com/libming/libming/issues/78 | x_refsource_MISC | |
https://lists.debian.org/debian-lts-announce/2017/11/msg00022.html | mailing-list, x_refsource_MLIST | |
http://somevulnsofadlab.blogspot.jp/2017/07/libmingnull-pointer-dereference-in.html | x_refsource_MISC | |
https://security.gentoo.org/glsa/201904-24 | vendor-advisory, x_refsource_GENTOO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T18:19:37.754Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/libming/libming/issues/78", }, { name: "[debian-lts-announce] 20171118 [SECURITY] [DLA 1176-1] ming security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2017/11/msg00022.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingnull-pointer-dereference-in.html", }, { name: "GLSA-201904-24", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201904-24", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2017-07-29T00:00:00", descriptions: [ { lang: "en", value: "A null pointer dereference vulnerability was found in the function stackswap (called from decompileSTACKSWAP) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-04-25T01:06:02", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/libming/libming/issues/78", }, { name: "[debian-lts-announce] 20171118 [SECURITY] [DLA 1176-1] ming security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2017/11/msg00022.html", }, { tags: [ "x_refsource_MISC", ], url: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingnull-pointer-dereference-in.html", }, { name: "GLSA-201904-24", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201904-24", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-11733", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A null pointer dereference vulnerability was found in the function stackswap (called from decompileSTACKSWAP) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/libming/libming/issues/78", refsource: "MISC", url: "https://github.com/libming/libming/issues/78", }, { name: "[debian-lts-announce] 20171118 [SECURITY] [DLA 1176-1] ming security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2017/11/msg00022.html", }, { name: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingnull-pointer-dereference-in.html", refsource: "MISC", url: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingnull-pointer-dereference-in.html", }, { name: "GLSA-201904-24", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201904-24", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-11733", datePublished: "2017-07-29T05:00:00", dateReserved: "2017-07-29T00:00:00", dateUpdated: "2024-08-05T18:19:37.754Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-11704
Vulnerability from cvelistv5
Published
2017-07-28 05:00
Modified
2024-08-05 18:19
Severity ?
EPSS score ?
Summary
A heap-based buffer over-read was found in the function decompileIF in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.
References
▼ | URL | Tags |
---|---|---|
https://github.com/libming/libming/issues/76 | x_refsource_MISC | |
http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in.html | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T18:19:37.739Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/libming/libming/issues/76", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2017-07-27T00:00:00", descriptions: [ { lang: "en", value: "A heap-based buffer over-read was found in the function decompileIF in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-07-28T04:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/libming/libming/issues/76", }, { tags: [ "x_refsource_MISC", ], url: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-11704", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A heap-based buffer over-read was found in the function decompileIF in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/libming/libming/issues/76", refsource: "MISC", url: "https://github.com/libming/libming/issues/76", }, { name: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in.html", refsource: "MISC", url: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-11704", datePublished: "2017-07-28T05:00:00", dateReserved: "2017-07-27T00:00:00", dateUpdated: "2024-08-05T18:19:37.739Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-11728
Vulnerability from cvelistv5
Published
2017-07-29 05:00
Modified
2024-08-05 18:19
Severity ?
EPSS score ?
Summary
A heap-based buffer over-read was found in the function OpCode (called from decompileSETMEMBER) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.
References
▼ | URL | Tags |
---|---|---|
https://github.com/libming/libming/issues/82 | x_refsource_MISC | |
http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in-opcode_32.html | x_refsource_MISC | |
https://security.gentoo.org/glsa/201904-24 | vendor-advisory, x_refsource_GENTOO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T18:19:38.504Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/libming/libming/issues/82", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in-opcode_32.html", }, { name: "GLSA-201904-24", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201904-24", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2017-07-29T00:00:00", descriptions: [ { lang: "en", value: "A heap-based buffer over-read was found in the function OpCode (called from decompileSETMEMBER) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-04-25T01:06:02", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/libming/libming/issues/82", }, { tags: [ "x_refsource_MISC", ], url: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in-opcode_32.html", }, { name: "GLSA-201904-24", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201904-24", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-11728", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A heap-based buffer over-read was found in the function OpCode (called from decompileSETMEMBER) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/libming/libming/issues/82", refsource: "MISC", url: "https://github.com/libming/libming/issues/82", }, { name: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in-opcode_32.html", refsource: "MISC", url: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in-opcode_32.html", }, { name: "GLSA-201904-24", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201904-24", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-11728", datePublished: "2017-07-29T05:00:00", dateReserved: "2017-07-29T00:00:00", dateUpdated: "2024-08-05T18:19:38.504Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-11705
Vulnerability from cvelistv5
Published
2017-07-28 05:00
Modified
2024-08-05 18:19
Severity ?
EPSS score ?
Summary
A memory leak was found in the function parseSWF_SHAPEWITHSTYLE in util/parser.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.
References
▼ | URL | Tags |
---|---|---|
https://github.com/libming/libming/issues/71 | x_refsource_MISC | |
http://somevulnsofadlab.blogspot.jp/2017/07/libmingmemory-leak-in.html | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T18:19:38.500Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/libming/libming/issues/71", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingmemory-leak-in.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2017-07-27T00:00:00", descriptions: [ { lang: "en", value: "A memory leak was found in the function parseSWF_SHAPEWITHSTYLE in util/parser.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-07-28T04:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/libming/libming/issues/71", }, { tags: [ "x_refsource_MISC", ], url: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingmemory-leak-in.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-11705", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A memory leak was found in the function parseSWF_SHAPEWITHSTYLE in util/parser.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/libming/libming/issues/71", refsource: "MISC", url: "https://github.com/libming/libming/issues/71", }, { name: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingmemory-leak-in.html", refsource: "MISC", url: "http://somevulnsofadlab.blogspot.jp/2017/07/libmingmemory-leak-in.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-11705", datePublished: "2017-07-28T05:00:00", dateReserved: "2017-07-27T00:00:00", dateUpdated: "2024-08-05T18:19:38.500Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-11731
Vulnerability from cvelistv5
Published
2017-07-29 05:00
Modified
2024-08-05 18:19
Severity ?
EPSS score ?
Summary
An invalid memory read vulnerability was found in the function OpCode (called from isLogicalOp and decompileIF) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.
References
▼ | URL | Tags |
---|---|---|
https://github.com/libming/libming/issues/84 | x_refsource_MISC | |
http://somevulnsofadlab.blogspot.jp/2017/07/libminginvalid-memory-read-in-opcode.html | x_refsource_MISC | |
https://security.gentoo.org/glsa/201904-24 | vendor-advisory, x_refsource_GENTOO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T18:19:39.252Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/libming/libming/issues/84", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://somevulnsofadlab.blogspot.jp/2017/07/libminginvalid-memory-read-in-opcode.html", }, { name: "GLSA-201904-24", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201904-24", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2017-07-29T00:00:00", descriptions: [ { lang: "en", value: "An invalid memory read vulnerability was found in the function OpCode (called from isLogicalOp and decompileIF) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-04-25T01:06:02", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/libming/libming/issues/84", }, { tags: [ "x_refsource_MISC", ], url: "http://somevulnsofadlab.blogspot.jp/2017/07/libminginvalid-memory-read-in-opcode.html", }, { name: "GLSA-201904-24", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201904-24", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-11731", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An invalid memory read vulnerability was found in the function OpCode (called from isLogicalOp and decompileIF) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/libming/libming/issues/84", refsource: "MISC", url: "https://github.com/libming/libming/issues/84", }, { name: "http://somevulnsofadlab.blogspot.jp/2017/07/libminginvalid-memory-read-in-opcode.html", refsource: "MISC", url: "http://somevulnsofadlab.blogspot.jp/2017/07/libminginvalid-memory-read-in-opcode.html", }, { name: "GLSA-201904-24", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201904-24", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-11731", datePublished: "2017-07-29T05:00:00", dateReserved: "2017-07-29T00:00:00", dateUpdated: "2024-08-05T18:19:39.252Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }