Skip to main content

Libming CVE-2018-7869

HIGH
Missing Release of Resource after Effective Lifetime (CWE-772)
2018-03-08 cve@mitre.org
7.5
CVSS 3.0 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

1
CVE Published
Mar 08, 2018 - 18:29 nvd
HIGH 7.5

DescriptionNVD

There is a memory leak triggered in the function dcinit of util/decompile.c in libming 0.4.8, which will lead to a denial of service attack.

AnalysisAI

There is a memory leak triggered in the function dcinit of util/decompile.c in libming 0.4.8, which will lead to a denial of service attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-772. There is a memory leak triggered in the function dcinit of util/decompile.c in libming 0.4.8, which will lead to a denial of service attack. Affected products include: Libming, Debian Debian Linux.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2023-50628 CRITICAL POC
9.8 Dec 20

Buffer Overflow vulnerability in libming version 0.4.8, allows attackers to execute arbitrary code and obtain sensitive

CVE-2020-11895 CRITICAL POC
9.1 Apr 19

Ming (aka libming) 0.4.8 has a heap-based buffer over-read (2 bytes) in the function decompileIF() in decompile.c. Rated

CVE-2020-11894 CRITICAL POC
9.1 Apr 19

Ming (aka libming) 0.4.8 has a heap-based buffer over-read (8 bytes) in the function decompileIF() in decompile.c. Rated

CVE-2019-16705 CRITICAL POC
9.1 Sep 23

Ming (aka libming) 0.4.8 has an out of bounds read vulnerability in the function OpCode() in the decompile.c file in lib

CVE-2023-36239 HIGH POC
8.8 Jun 22

libming listswf 0.4.7 was discovered to contain a buffer overflow in the parseSWF_DEFINEFONTINFO() function at parser.c.

CVE-2023-31976 HIGH POC
8.8 May 09

libming v0.4.8 was discovered to contain a stack buffer overflow via the function makeswf_preprocess at /util/makeswf_ut

CVE-2020-6628 HIGH POC
8.8 Jan 09

Ming (aka libming) 0.4.8 has a heap-based buffer over-read in the function decompile_SWITCH() in decompile.c. Rated high

CVE-2019-7582 HIGH POC
8.8 Feb 07

The readBytes function in util/read.c in libming through 0.4.8 allows remote attackers to have unspecified impact via a

CVE-2019-7581 HIGH POC
8.8 Feb 07

The parseSWF_ACTIONRECORD function in util/parser.c in libming through 0.4.8 allows remote attackers to have unspecified

CVE-2018-20429 HIGH POC
8.8 Dec 24

libming 0.4.8 has a NULL pointer dereference in the getName function of the decompile.c file, a different vulnerability

CVE-2018-20428 HIGH POC
8.8 Dec 24

libming 0.4.8 has a NULL pointer dereference in the strlenext function of the decompile.c file, a different vulnerabilit

CVE-2018-20427 HIGH POC
8.8 Dec 24

libming 0.4.8 has a NULL pointer dereference in the getInt function of the decompile.c file, a different vulnerability t

Share

CVE-2018-7869 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy