PT-2018-18299 · Libming · Libming
Fantasy7082
·
Published
2018-03-08
·
Updated
2019-04-10
·
CVE-2018-7872
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions:
libming version 0.4.8
Description:
A memory address dereference issue was found in the
getName function for CONSTANT16 data, causing a segmentation fault, application crash, and denial of service.Recommendations:
For libming version 0.4.8, consider avoiding the use of the
getName function for CONSTANT16 data until a patch is available. As a temporary workaround, restrict access to the getName function to minimize the risk of exploitation.Exploit
Fix
NULL Pointer Dereference
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Libming