The pushdup function in util/decompile.c in libming up to and including 0.4.8 does not recognize the need for ActionPushDuplicate to perform a deep copy when a String is at the top of the stack, making the library vulnerable to a util/decompile.c getName NULL pointer dereference, which may allow malicious users to cause a denial of service via a crafted SWF file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
libming libming |