PT-2018-18877 · Libming · Libming
Traceprobe
·
Published
2018-03-30
·
Updated
2023-04-26
·
CVE-2018-9132
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
libming version 0.4.8
Description
The issue is related to a NULL pointer dereference in the
getInt function of the decompile.c file. This could allow remote attackers to cause a denial of service by providing a crafted swf file.Recommendations
For libming version 0.4.8, consider avoiding the use of the
getInt function in the decompile.c file until a patch is available. As a temporary workaround, restrict the processing of swf files from untrusted sources to minimize the risk of exploitation.Exploit
Fix
NULL Pointer Dereference
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Libming