Cuanduo

**Nome do software vulnerável e versões afetadas** Ming (também conhecido como libming) versão 0.4.8 **Descrição** O problema é uma leitura excessiva do buffer baseada na pilha (heap), especificamente de 2 bytes, que ocorre na função `decompileIF()` localizada em `decompile.c`. **Recomendações** Para o Ming (também conhecido como libming) versão 0.4.8, considere desativar a função `decompileIF()` como uma solução temporária até que um patch esteja disponível.

**Nome do software vulnerável e versões afetadas** Ming (também conhecido como libming) versão 0.4.8 **Descrição** O problema está relacionado a uma desreferência de ponteiro NULL na função `decompileGETURL2()` em `decompile.c`. **Recomendações** Para o Ming (também conhecido como libming) versão 0.4.8, considere evitar o uso da função `decompileGETURL2()` até que um patch esteja disponível.

**Nome do software vulnerável e versões afetadas** ngiflib versão 0.4 **Descrição** O problema consiste em uma leitura excessiva do buffer baseada na pilha na função GifIndexToTrueColor, localizada no arquivo ngiflib.c. **Recomendações** Para a versão 0.4 do ngiflib, considere aplicar um patch ou correção para resolver o problema de leitura excessiva do buffer baseada na pilha na função GifIndexToTrueColor. No momento, não há informações sobre uma versão mais recente que contenha uma correção para essa vulnerabilidade.

**Name of the Vulnerable Software and Affected Versions** Exiv2 version 0.27.99.0 **Description** The issue is a heap-based buffer over-read in the `Exiv2::RafImage::readMetadata()` function, located in the rafimage.cpp file. **Recommendations** For Exiv2 version 0.27.99.0, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Free Lossless Image Format (FLIF) version 0.3 **Description** An issue was discovered in the image save png function in image/image-png.cpp, allowing attackers to trigger a heap-based buffer over-read in libpng via a crafted flif file. **Recommendations** For Free Lossless Image Format (FLIF) version 0.3, consider avoiding the use of the image save png function until a patch is available. As a temporary workaround, restrict the processing of crafted flif files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Exiv2 version 0.27.99.0 **Description** The issue is related to an out-of-bounds read in the `Exiv2::MrwImage::readMetadata()` function in `mrwimage.cpp`. This could result in a denial of service. The vulnerability can be exploited by a remote attacker using a specially crafted file, potentially leading to a denial of service. **Recommendations** For Exiv2 version 0.27.99.0, consider disabling the `readMetadata()` function as a temporary workaround until a patch is available. Restrict access to the `mrwimage.cpp` component to minimize the risk of exploitation. Avoid using the `Exiv2::MrwImage::readMetadata()` function with untrusted input files until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Exiv2 version 0.27.99.0 **Description** The issue is related to a heap-based buffer over-read in the `Exiv2::PngImage::readMetadata()` function, located in the `pngimage.cpp` component of the Exiv2 library. This can be exploited by attackers using a crafted image file, potentially leading to a denial of service. The vulnerability is associated with reading beyond the valid boundaries of a data buffer. **Recommendations** For Exiv2 version 0.27.99.0, consider disabling the `Exiv2::PngImage::readMetadata()` function as a temporary workaround until a patch is available. Restrict access to the `pngimage.cpp` component to minimize the risk of exploitation. Avoid using the affected library with untrusted image files until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Audio File Library versions 0.3.6 **Description** The issue is related to a NULL pointer dereference bug in the `ulaw2linear buf` function in `G711.cpp` within the `libmodules.a` library. This bug allows an attacker to cause a denial of service via a crafted file. The exploitation of this bug can enable a remote attacker to disrupt service using a specially created file. **Recommendations** For Audio File Library version 0.3.6, consider disabling the `ulaw2linear buf` function in `G711.cpp` as a temporary workaround to minimize the risk of exploitation until a patch is available.