ESB-2018.0701 - [Linux][Debian] ming: Multiple vulnerabilities 2018-03-12


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2018.0701
                         Security update for ming
                               12 March 2018

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           ming
Publisher:         Debian
Operating System:  Debian GNU/Linux 7
                   Linux variants
Impact/Access:     Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Denial of Service               -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2018-6359 CVE-2018-6315 CVE-2018-5294
                   CVE-2018-5251

Original Bulletin: 
   https://lists.debian.org/debian-lts-announce/2018/03/msg00008.html

Comment: This advisory references vulnerabilities in products which run on 
         platforms other than Debian. It is recommended that administrators 
         running ming check for an updated version of the software for their
         operating system.

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : ming
Version        : 0.4.4-1.1+deb7u7
CVE ID         : CVE-2018-5251 CVE-2018-5294 CVE-2018-6315 CVE-2018-6359

Multiple vulnerabilities have been discovered in Ming:

CVE-2018-5251

    Integer signedness error vulnerability (left shift of a negative value) in
    the readSBits function (util/read.c). Remote attackers could leverage this
    vulnerability to cause a denial of service via a crafted SWF file.

CVE-2018-5294

    Integer overflow vulnerability (caused by an out-of-range left shift) in
    the readUInt32 function (util/read.c). Remote attackers could leverage this
    vulnerability to cause a denial of service via a crafted SWF file.

CVE-2018-6315

    Integer overflow and resultant out-of-bounds read in the
    outputSWF_TEXT_RECORD function (util/outputscript.c). Remote attackers
    could leverage this vulnerability to cause a denial of service or
    unspecified other impact via a crafted SWF file.

CVE-2018-6359

    Use-after-free vulnerability in the decompileIF function
    (util/decompile.c). Remote attackers could leverage this vulnerability to
    cause a denial of service or unspecified other impact via a crafted SWF
    file.
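As an added illustration of the two shift-related bug classes listed above (the left shift of a negative value behind CVE-2018-5251 and the out-of-range left shift behind CVE-2018-5294), here is a constructed MSB-first bit reader of the kind an SWF parser uses, written so that neither operation can occur. It is example code, not ming's util/read.c; the names bitreader, read_ubits, read_sbits and sample_sbits and the sample bytes are assumptions.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Constructed MSB-first bit reader in the style of an SWF parser. This is an
 * illustrative example, not ming's util/read.c; all names are assumptions. */
typedef struct {
    const uint8_t *buf;
    size_t len;     /* bytes available in buf */
    size_t bitpos;  /* bits consumed so far */
} bitreader;

/* Read n (1..32) bits as unsigned. The shift width is validated before use
 * and the read is bounds-checked; accumulating in uint64_t means the shift
 * can never overflow or operate on a negative value. */
bool read_ubits(bitreader *r, unsigned n, uint32_t *out) {
    if (n == 0 || n > 32) return false;            /* out-of-range shift */
    if (r->bitpos + n > r->len * 8) return false;  /* read past the buffer */
    uint64_t v = 0;
    for (unsigned i = 0; i < n; i++, r->bitpos++)
        v = (v << 1) | ((r->buf[r->bitpos / 8] >> (7 - r->bitpos % 8)) & 1u);
    *out = (uint32_t)v;
    return true;
}

/* Read n bits as a two's-complement signed value. Sign extension is done by
 * subtracting 2^n from the unsigned value, never by left-shifting a negative
 * int, which is the undefined behaviour named in CVE-2018-5251. */
bool read_sbits(bitreader *r, unsigned n, int32_t *out) {
    uint32_t u;
    if (!read_ubits(r, n, &u)) return false;
    if (u & (1u << (n - 1)))
        *out = (int32_t)((int64_t)u - ((int64_t)1 << n));
    else
        *out = (int32_t)u;
    return true;
}

/* Constructed sample input: 0xE8 0x00 = bits 1110 1000 0000 0000. */
static const uint8_t SAMPLE[2] = { 0xE8, 0x00 };
#define SBITS_ERR INT64_MIN  /* sentinel returned when a read is rejected */

/* Decode n bits of SAMPLE starting at bit `start` as signed, or SBITS_ERR
 * if the reader rejects the request (bad width or out-of-bounds read). */
int64_t sample_sbits(size_t start, unsigned n) {
    bitreader r = { SAMPLE, sizeof SAMPLE, start };
    int32_t v;
    return read_sbits(&r, n, &v) ? (int64_t)v : SBITS_ERR;
}
```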

For Debian 7 "Wheezy", these problems have been fixed in version
0.4.4-1.1+deb7u7.

We recommend that you upgrade your ming packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
- -----BEGIN PGP SIGNATURE-----

- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
