CVE-2019-12982

Name of the Vulnerable Software and Affected Versions Ming (aka libming) version 0.4.8

Description The issue is related to a heap buffer overflow and underflow in the decompileCAST function, located in util/decompile.c in libutil.a. This could allow remote attackers to cause a denial of service by using a crafted SWF file.

Recommendations For Ming (aka libming) version 0.4.8, consider updating to a newer version that addresses the heap buffer overflow and underflow issue in the decompileCAST function. As a temporary workaround, restrict the processing of crafted SWF files to minimize the risk of exploitation.