Fengzhengzhan

**Name of the Vulnerable Software and Affected Versions** FLVMeta version 1.2.1 **Description** A buffer overflow issue was discovered in FLVMeta via the `xml on metadata tag only` function at `dump xml.c`. This issue can be exploited, but no details are provided about the estimated number of potentially affected devices or real-world incidents. **Recommendations** For FLVMeta version 1.2.1, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** libming versions 0.4.7 **Description** The issue is caused by a buffer overflow in the `parseSWF DEFINEFONTINFO()` function. This can be exploited by a remote attacker to cause a denial of service or execute arbitrary code. The buffer overflow occurs in the `parser.c` file. **Recommendations** For version 0.4.7, consider disabling the `parseSWF DEFINEFONTINFO()` function as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Libming swftophp version 0.4.8 **Description** A Buffer Overflow issue allows a local attacker to cause a denial of service via the `cws2fws` function in `util/decompile.c`. This issue affects Libming swftophp, enabling an attacker to potentially disrupt service. **Recommendations** For version 0.4.8, consider disabling the `cws2fws` function in `util/decompile.c` as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Libming swftophp version 0.4.8 **Description** A Buffer Overflow issue allows a local attacker to cause a denial of service via the `newVar N` function in `util/decompile.c`. This issue can be exploited to disrupt service. **Recommendations** For Libming swftophp version 0.4.8, consider disabling the `newVar N` function in `util/decompile.c` as a temporary workaround until a patch is available. Restrict access to the `util/decompile.c` module to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Cesanta MJS version 1.26 **Description** An issue in Cesanta MJS allows a local attacker to cause a denial of service via the `mjs execute` function in mjs.c. **Recommendations** For Cesanta MJS version 1.26, as a temporary workaround, consider disabling the `mjs execute` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cesanta MJS version 1.26 **Description** A Buffer Overflow issue allows a local attacker to cause a denial of service via the `mjs mk string` function in mjs.c. This issue can be exploited to disrupt service. **Recommendations** For Cesanta MJS version 1.26, as a temporary workaround, consider disabling the `mjs mk string` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** libming swftophp version 0.4.8 **Description** An issue in libming swftophp allows a local attacker to cause a denial of service via the `stackVal` function in `util/decompile.c`. **Recommendations** For libming swftophp version 0.4.8, consider restricting access to the `stackVal` function in `util/decompile.c` to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.