CVE-2017-8782
MEDIUMlibming 0.4.8 - Denial of Service via Integer Overflow in readString Function
Title source: llmDescription
The readString function in util/read.c and util/old/read.c in libming 0.4.8 allows remote attackers to cause a denial of service via a large file that is mishandled by listswf, listaction, etc. This occurs because of an integer overflow that leads to a memory allocation error.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/98793
Exploit, Mailing List, Third Party Advisory x_refsource_misc
http://seclists.org/fulldisclosure/2017/May/106
Scores
CVSS v3
6.5
EPSS
0.0146
EPSS Percentile
70.3%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Details
CWE
CWE-190
Status
published
Products (1)
libming/libming
0.4.8
Published
May 31, 2017
Tracked Since
Feb 18, 2026