Multiple security issues were found in libming. CVE-2016-9264 - Buffer overflow in the printMP3Headers function in listmp3.c in Libming 0.4.7 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mp3 file. http://seclists.org/oss-sec/2016/q4/375 CVE-2016-9265 - The printMP3Headers function in listmp3.c in Libming 0.4.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted mp3 file. http://seclists.org/oss-sec/2016/q4/376 CVE-2016-9266 - listmp3.c in libming 0.4.7 allows remote attackers to unspecified impact via a crafted mp3 file, which triggers an invalid left shift. http://seclists.org/oss-sec/2016/q4/377 CVE-2016-9829 - Heap-based buffer overflow in the parseSWF_DEFINEFONT function in parser.c in the listswf tool in libming 0.4.7 allows remote attackers to have unspecified impact via a crafted SWF file. http://seclists.org/oss-sec/2016/q4/551 CVE-2016-9831 - Heap-based buffer overflow in the parseSWF_RGBA function in parser.c in the listswf tool in libming 0.4.7 allows remote attackers to have unspecified impact via a crafted SWF file. http://seclists.org/oss-sec/2016/q4/552 CVE-2016-9827 - The _iprintf function in outputtxt.c in the listswf tool in libming 0.4.7 allows remote attackers to cause a denial of service (buffer over-read) via a crafted SWF file. http://seclists.org/oss-sec/2016/q4/553 CVE-2016-9828 - The dumpBuffer function in read.c in the listswf tool in libming 0.4.7 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SWF file. http://seclists.org/oss-sec/2016/q4/554
Created ming tracking bugs for this issue: Affects: fedora-all [bug 1438687]
Fix for CVE-2016-9831 introduced a regression. CVE-2017-7578 - Multiple heap-based buffer overflows in parser.c in libming 0.4.7 allow remote attackers to cause a denial of service (listswf application crash) or possibly have unspecified other impact via a crafted SWF file. NOTE: this issue exists because of an incomplete fix for CVE-2016-9831.