A heap-based buffer over-read was found in the function decompileCALLFUNCTION in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file. Upstream bug: https://github.com/libming/libming/issues/83
Created ming tracking bugs for this issue: Affects: fedora-all [bug 1476729]