Skip to main content

Libming CVE-2018-9132

MEDIUM
NULL Pointer Dereference (CWE-476)
2018-03-30 cve@mitre.org
6.5
CVSS 3.0 · NVD
Share

Severity by source

NVD PRIMARY
6.5 MEDIUM
AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

1
CVE Published
Mar 30, 2018 - 08:29 nvd
MEDIUM 6.5

DescriptionNVD

libming 0.4.8 has a NULL pointer dereference in the getInt function of the decompile.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file.

AnalysisAI

libming 0.4.8 has a NULL pointer dereference in the getInt function of the decompile.c file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Technical ContextAI

This vulnerability is classified as NULL Pointer Dereference (CWE-476), which allows attackers to crash the application by dereferencing a null pointer. libming 0.4.8 has a NULL pointer dereference in the getInt function of the decompile.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file. Affected products include: Libming, Debian Debian Linux.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Check pointers before dereferencing. Use static analysis tools to detect null pointer paths.

CVE-2023-50628 CRITICAL POC
9.8 Dec 20

Buffer Overflow vulnerability in libming version 0.4.8, allows attackers to execute arbitrary code and obtain sensitive

CVE-2020-11895 CRITICAL POC
9.1 Apr 19

Ming (aka libming) 0.4.8 has a heap-based buffer over-read (2 bytes) in the function decompileIF() in decompile.c. Rated

CVE-2020-11894 CRITICAL POC
9.1 Apr 19

Ming (aka libming) 0.4.8 has a heap-based buffer over-read (8 bytes) in the function decompileIF() in decompile.c. Rated

CVE-2019-16705 CRITICAL POC
9.1 Sep 23

Ming (aka libming) 0.4.8 has an out of bounds read vulnerability in the function OpCode() in the decompile.c file in lib

CVE-2023-36239 HIGH POC
8.8 Jun 22

libming listswf 0.4.7 was discovered to contain a buffer overflow in the parseSWF_DEFINEFONTINFO() function at parser.c.

CVE-2023-31976 HIGH POC
8.8 May 09

libming v0.4.8 was discovered to contain a stack buffer overflow via the function makeswf_preprocess at /util/makeswf_ut

CVE-2020-6628 HIGH POC
8.8 Jan 09

Ming (aka libming) 0.4.8 has a heap-based buffer over-read in the function decompile_SWITCH() in decompile.c. Rated high

CVE-2019-7582 HIGH POC
8.8 Feb 07

The readBytes function in util/read.c in libming through 0.4.8 allows remote attackers to have unspecified impact via a

CVE-2019-7581 HIGH POC
8.8 Feb 07

The parseSWF_ACTIONRECORD function in util/parser.c in libming through 0.4.8 allows remote attackers to have unspecified

CVE-2018-20429 HIGH POC
8.8 Dec 24

libming 0.4.8 has a NULL pointer dereference in the getName function of the decompile.c file, a different vulnerability

CVE-2018-20428 HIGH POC
8.8 Dec 24

libming 0.4.8 has a NULL pointer dereference in the strlenext function of the decompile.c file, a different vulnerabilit

CVE-2018-20427 HIGH POC
8.8 Dec 24

libming 0.4.8 has a NULL pointer dereference in the getInt function of the decompile.c file, a different vulnerability t

Share

CVE-2018-9132 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy