Youwei1988

Name of the Vulnerable Software and Affected Versions: Exiv2 version 0.26 Description: The issue is caused by an integer overflow in the Exiv2::getULong function, leading to a heap-based buffer over-read. This can be exploited by remote attackers to cause a denial of service using a crafted image file. Recommendations: For Exiv2 version 0.26, update to a newer version that contains a fix for this issue to prevent exploitation.

**Name of the Vulnerable Software and Affected Versions** libming version 0.4.8 **Description** The issue is caused by an integer signedness error vulnerability, specifically a left shift of a negative value, in the `readSBits` function located in `util/read.c`. This can be exploited by remote attackers to cause a denial of service by using a crafted swf file. **Recommendations** For libming version 0.4.8, consider applying a patch to fix the integer signedness error in the `readSBits` function to prevent denial of service attacks via crafted swf files. At the moment, there is no information about a newer version that contains a fix for this vulnerability.