In libming 0.4.8, there is an integer signedness error vulnerability (left shift of a negative value) in the readSBits function (util/read.c). Remote attackers can leverage this vulnerability to cause a denial of service via a crafted swf file.
https://github.com/libming/libming/issues/97
https://lists.debian.org/debian-lts-announce/2018/03/msg00008.html