The outputSWF_TEXT_RECORD function (util/outputscript.c) in libming through 0.4.8 is vulnerable to an integer overflow and resultant out-of-bounds read, which may allow attackers to cause a denial of service or unspecified other impact via a crafted SWF file. External References: https://nvd.nist.gov/vuln/detail/CVE-2018-6315 https://github.com/libming/libming/issues/101
Created ming tracking bugs for this issue: Affects: fedora-all [bug 1520747]