CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2018-7867
https://notcve.org/view.php?id=CVE-2018-7867
There is a heap-based buffer overflow in the getString function of util/decompile.c in libming 0.4.8 during a RegisterNumber sprintf. A Crafted input will lead to a denial of service attack. Hay un desbordamiento de búfer basado en memoria dinámica (heap) en la función getString en util/decompile.c en la versión 0.4.8 de libming durante un sprintf RegisterNumber. Se podría realizar un ataque de denegación de servicio (DoS) con una entrada manipulada. • https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892260 https://github.com/libming/libming/issues/116 https://lists.debian.org/debian-lts-announce/2018/04/msg00008.html • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2018-7868
https://notcve.org/view.php?id=CVE-2018-7868
There is a heap-based buffer over-read in the getName function of util/decompile.c in libming 0.4.8 for CONSTANT8 data. A Crafted input will lead to a denial of service attack. Hay una sobrelectura de búfer basada en memoria dinámica (heap) en la función getName en util/decompile.c en la versión 0.4.8 de libming para los datos CONSTANT8. Se podría realizar un ataque de denegación de servicio (DoS) con una entrada manipulada. • https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892260 https://github.com/libming/libming/issues/113 https://lists.debian.org/debian-lts-announce/2018/04/msg00008.html • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2018-7877
https://notcve.org/view.php?id=CVE-2018-7877
There is a heap-based buffer overflow in the getString function of util/decompile.c in libming 0.4.8 for DOUBLE data. A Crafted input will lead to a denial of service attack. Hay un desbordamiento de búfer basado en memoria dinámica (heap) en la función getString en util/decompile.c en la versión 0.4.8 de libming para los datos DOUBLE. Se podría realizar un ataque de denegación de servicio (DoS) con una entrada manipulada. • https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892260 https://github.com/libming/libming/issues/110 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2018-7876
https://notcve.org/view.php?id=CVE-2018-7876
In libming 0.4.8, a memory exhaustion vulnerability was found in the function parseSWF_ACTIONRECORD in util/parser.c, which allows remote attackers to cause a denial of service via a crafted file. Se ha encontrado una vulnerabilidad de agotamiento de memoria en libming 0.4.8 en la función parseSWF_ACTIONRECORD en util/parser.c que permite que atacantes remotos provoquen una denegación de servicio (DoS) mediante un archivo manipulado. • https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892260 https://github.com/libming/libming/issues/109 https://lists.debian.org/debian-lts-announce/2018/05/msg00017.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/47KZ5RYWQMBN5DVDITBVRDNDCSFNBJ3V https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CQNIJH5EQV2D6KEFGY2467ZS4I7TZLXP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LBFCINUX3XXAPPH77OH6NKAC • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 1CVE-2018-0202
https://notcve.org/view.php?id=CVE-2018-0202
clamscan in ClamAV before 0.99.4 contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation checking mechanisms when handling Portable Document Format (.pdf) files sent to an affected device. An unauthenticated, remote attacker could exploit this vulnerability by sending a crafted .pdf file to an affected device. This action could cause an out-of-bounds read when ClamAV scans the malicious file, allowing the attacker to cause a DoS condition. This concerns pdf_parse_array and pdf_parse_string in libclamav/pdfng.c. • https://github.com/jaychowjingjie/CVE-2018-0202 https://bugzilla.clamav.net/show_bug.cgi?id=11973 https://bugzilla.clamav.net/show_bug.cgi?id=11980 https://lists.debian.org/debian-lts-announce/2018/03/msg00011.html https://security.gentoo.org/glsa/201804-16 https://usn.ubuntu.com/3592-1 https://usn.ubuntu.com/3592-2 • CWE-125: Out-of-bounds Read •