The outputSWF_TEXT_RECORD function (util/outputscript.c) in libming through 0.4.8 is vulnerable to an integer overflow and resultant out-of-bounds read, which may allow attackers to cause a denial of service or unspecified other impact via a crafted SWF file.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/102828 | Third Party Advisory VDB Entry |
https://github.com/libming/libming/issues/101 | Exploit Issue Tracking Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2018/03/msg00008.html | Mailing List Third Party Advisory |
https://security.gentoo.org/glsa/201904-24 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2018-01-25T22:00:00
Updated: 2019-04-25T01:06:02
Reserved: 2018-01-25T00:00:00
Link: CVE-2018-6315
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-01-25T22:29:00.393
Modified: 2019-04-26T12:41:56.777
Link: CVE-2018-6315
JSON object: View
Redhat Information
No data.