Debian 7: DLA-1133-1 Critical: Ming Denial Of Service Flaws
debian lts
October 21, 2017
Multiple vulnerabilities have been discovered in Ming: CVE-2017-11704
Topics Covered
Summary
CVE-2017-11704
Heap-based buffer over-read in the function decompileIF in util/decompile.c
in Ming <= 0.4.8, which allows attackers to cause a denial of service via a
crafted file.
CVE-2017-11728
Heap-based buffer over-read in the function OpCode (called from
decompileSETMEMBER) in util/decompile.c in Ming <= 0.4.8, which allows
attackers to cause a denial of service via a crafted file.
CVE-2017-11729
Heap-based buffer over-read in the function OpCode (called from
decompileINCR_DECR line 1440) in util/decompile.c in Ming <= 0.4.8, which
allows attackers to cause a denial of service via a crafted file.
CVE-2017-11730
Heap-based buffer over-read in the function OpCode (called from
decompileINCR_DECR line 1474) in util/decompile.c in Ming <= 0.4.8, which
allows attackers to cause a denial of service via a crafted file.
CVE-2017-11731
Invalid memory read in the function OpCode (called from isLogicalOp and
decompileIF) in util/decompile.c in Ming <= 0.4.8, which allows attackers to cause a denial of service via a crafted file.
CVE-2017-11734
Heap-based buffer over-read in the function decompileCALLFUNCTION in
util/decompile.c in Ming <= 0.4.8, which allows attackers to cause a denial of
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Package: ming
Version: 1:0.4.4-1.1+deb7u4
CVE ID: CVE-2017-11704 CVE-2017-11728 CVE-2017-11729 CVE-2017-11730
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!