A heap-based buffer over-read was found in the function OpCode (called from decompileSETMEMBER) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file. Upstream bug: https://github.com/libming/libming/issues/82
Created ming tracking bugs for this issue: Affects: fedora-all [bug 1476729]