CVE-2018-6359

Опубликовано: 27 янв. 2018

Источник: nvd

CVSS3: 8.8

CVSS2: 6.8

EPSS Низкий

Описание

The decompileIF function (util/decompile.c) in libming through 0.4.8 is vulnerable to a use-after-free, which may allow attackers to cause a denial of service or unspecified other impact via a crafted SWF file.

Ссылки

http://www.securityfocus.com/bid/102856
Third Party Advisory
VDB Entry
https://github.com/libming/libming/issues/105
Exploit
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2018/03/msg00008.html
Mailing List
Third Party Advisory
https://security.gentoo.org/glsa/201904-24
Third Party Advisory
http://www.securityfocus.com/bid/102856
Third Party Advisory
VDB Entry
https://github.com/libming/libming/issues/105
Exploit
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2018/03/msg00008.html
Mailing List
Third Party Advisory
https://security.gentoo.org/glsa/201904-24
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:libming:libming:*:*:*:*:*:*:*:*

Версия до 0.4.8 (включая)

Конфигурация 2

cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

EPSS

Процентиль: 76%

0.01036

Низкий

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-416

Связанные уязвимости

CVE-2018-6359

CVSS3: 8.8

ubuntu

больше 7 лет назад

CVE-2018-6359

CVSS3: 8.8

debian

больше 7 лет назад

The decompileIF function (util/decompile.c) in libming through 0.4.8 i ...

GHSA-225g-rrj9-x694

CVSS3: 8.8

github

около 3 лет назад

EPSS

Процентиль: 76%

0.01036

Низкий

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-416