A heap-based buffer over-read was found in the function OpCode (called from decompileINCR_DECR line 1474) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file. Upstream bug: https://github.com/libming/libming/issues/81
Created ming tracking bugs for this issue: Affects: fedora-all [bug 1476729]