CVE-2018-9009 (https://nvd.nist.gov/vuln/detail/CVE-2018-9009): In libming 0.4.8, there is a use-after-free in the decompileJUMP function of the decompile.c file. CVE-2018-8964 (https://nvd.nist.gov/vuln/detail/CVE-2018-8964): In libming 0.4.8, the decompileDELETE function of decompile.c has a use-after-free. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file. CVE-2018-8963 (https://nvd.nist.gov/vuln/detail/CVE-2018-8963): In libming 0.4.8, the decompileGETVARIABLE function of decompile.c has a use-after-free. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file. CVE-2018-8962 (https://nvd.nist.gov/vuln/detail/CVE-2018-8962): In libming 0.4.8, the decompileSingleArgBuiltInFunctionCall function of decompile.c has a use-after-free. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file. CVE-2018-8961 (https://nvd.nist.gov/vuln/detail/CVE-2018-8961): In libming 0.4.8, the decompilePUSHPARAM function of decompile.c has a use-after-free. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file. CVE-2018-8807 (https://nvd.nist.gov/vuln/detail/CVE-2018-8807): In libming 0.4.8, these is a use-after-free in the function decompileCALLFUNCTION of decompile.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file. CVE-2018-8806 (https://nvd.nist.gov/vuln/detail/CVE-2018-8806): In libming 0.4.8, there is a use-after-free in the decompileArithmeticOp function of decompile.c. Remote attackers could use this vulnerability to cause a denial-of-service via a crafted swf file.
(In reply to GLSAMaker/CVETool Bot from comment #0) > CVE-2018-9009 (https://nvd.nist.gov/vuln/detail/CVE-2018-9009): > In libming 0.4.8, there is a use-after-free in the decompileJUMP function > of > the decompile.c file. > Not fixed yet. All others are fixed in media-libs/ming-0.20181112
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f85984054ed9f49d7245234ee6aa9e737607f148 commit f85984054ed9f49d7245234ee6aa9e737607f148 Author: Aaron Bauman <bman@gentoo.org> AuthorDate: 2019-08-04 19:29:04 +0000 Commit: Aaron Bauman <bman@gentoo.org> CommitDate: 2019-08-04 19:29:04 +0000 profiles/package.mask: add media-libs/ming Bug: https://bugs.gentoo.org/626412 Bug: https://bugs.gentoo.org/650006 Bug: https://bugs.gentoo.org/651574 Bug: https://bugs.gentoo.org/661152 Bug: https://bugs.gentoo.org/678804 Signed-off-by: Aaron Bauman <bman@gentoo.org> profiles/package.mask | 5 +++++ 1 file changed, 5 insertions(+)
The package has been removed.
