Filtered by vendor Swftools
Subscriptions
Total
119 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2017-16868 | 1 Swftools | 1 Swftools | 2024-08-05 | N/A |
In SWFTools 0.9.2, the wav_convert2mono function in lib/wav.c does not properly restrict a multiplication within a malloc call, which allows remote attackers to cause a denial of service (integer overflow and NULL pointer dereference) via a crafted WAV file. | ||||
CVE-2017-16890 | 1 Swftools | 1 Swftools | 2024-08-05 | N/A |
SWFTools 0.9.2 has a divide-by-zero error in the wav_convert2mono function in lib/wav.c because the align value may be zero. | ||||
CVE-2017-16797 | 1 Swftools | 1 Swftools | 2024-08-05 | N/A |
In SWFTools 0.9.2, the png_load function in lib/png.c does not properly validate an alloclen_64 multiplication of width and height values, which allows remote attackers to cause a denial of service (integer overflow, heap-based buffer overflow, and application crash) or possibly have unspecified other impact via a crafted PNG file. | ||||
CVE-2017-16796 | 1 Swftools | 1 Swftools | 2024-08-05 | N/A |
In SWFTools 0.9.2, the png_load function in lib/png.c does not check the return value of a realloc call, which allows remote attackers to cause a denial of service (invalid write and application crash) or possibly have unspecified other impact via vectors involving an IDAT tag in a crafted PNG file. | ||||
CVE-2017-16711 | 1 Swftools | 1 Swftools | 2024-08-05 | N/A |
The swf_DefineLosslessBitsTagToImage function in lib/modules/swfbits.c in SWFTools 0.9.2 mishandles an uncompress failure, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) because of extractDefinitions in lib/readers/swf.c and fill_line_bitmap in lib/devices/render.c, as demonstrated by swfrender. | ||||
CVE-2017-9926 | 2 Microsoft, Swftools | 2 Windows, Swftools | 2024-08-05 | N/A |
In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted file, related to a "Read Access Violation starting at image00000000_00400000+0x000000000001b596." | ||||
CVE-2017-9925 | 2 Microsoft, Swftools | 2 Windows, Swftools | 2024-08-05 | N/A |
In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote attackers to execute arbitrary code or cause a denial of service via a crafted file, related to a "User Mode Write AV near NULL starting at wow64!Wow64NotifyDebugger+0x000000000000001d." | ||||
CVE-2017-9927 | 2 Microsoft, Swftools | 2 Windows, Swftools | 2024-08-05 | N/A |
In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted file, related to a "Read Access Violation starting at image00000000_00400000+0x000000000001b5fe." | ||||
CVE-2017-9924 | 2 Microsoft, Swftools | 2 Windows, Swftools | 2024-08-05 | N/A |
In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote attackers to execute arbitrary code or cause a denial of service via a crafted file, related to a "User Mode Write AV starting at image00000000_00400000+0x000000000001b72a." | ||||
CVE-2017-8420 | 2 Microsoft, Swftools | 2 Windows, Swftools | 2024-08-05 | N/A |
SWFTools 2013-04-09-1007 on Windows has a "Data from Faulting Address controls Branch Selection starting at image00000000_00400000+0x0000000000003e71" issue. This issue can be triggered by a malformed TTF file that is mishandled by font2swf. Attackers could exploit this issue for DoS (Access Violation). | ||||
CVE-2017-7698 | 1 Swftools | 1 Swftools | 2024-08-05 | N/A |
A Use After Free in the pdf2swf part of swftools 0.9.2 and earlier allows remote attackers to execute arbitrary code via a malformed PDF document, possibly a consequence of an error in Gfx.cc in Xpdf 3.02. | ||||
CVE-2021-42199 | 1 Swftools | 1 Swftools | 2024-08-04 | 7.8 High |
An issue was discovered in swftools through 20201222. A heap buffer overflow exists in the function swf_FontExtract_DefineTextCallback() located in swftext.c. It allows an attacker to cause code execution. | ||||
CVE-2021-42202 | 1 Swftools | 1 Swftools | 2024-08-04 | 5.5 Medium |
An issue was discovered in swftools through 20201222. A NULL pointer dereference exists in the function swf_DeleteFilter() located in swffilter.c. It allows an attacker to cause Denial of Service. | ||||
CVE-2021-42201 | 1 Swftools | 1 Swftools | 2024-08-04 | 7.8 High |
An issue was discovered in swftools through 20201222. A heap-buffer-overflow exists in the function swf_GetD64() located in rfxswf.c. It allows an attacker to cause code execution. | ||||
CVE-2021-42204 | 1 Swftools | 1 Swftools | 2024-08-04 | 7.8 High |
An issue was discovered in swftools through 20201222. A heap-buffer-overflow exists in the function swf_GetBits() located in rfxswf.c. It allows an attacker to cause code execution. | ||||
CVE-2021-42200 | 1 Swftools | 1 Swftools | 2024-08-04 | 5.5 Medium |
An issue was discovered in swftools through 20201222. A NULL pointer dereference exists in the function main() located in swfdump.c. It allows an attacker to cause Denial of Service. | ||||
CVE-2021-42197 | 1 Swftools | 1 Swftools | 2024-08-04 | 7.8 High |
An issue was discovered in swftools through 20201222 through a memory leak in the swftools when swfdump is used. It allows an attacker to cause code execution. | ||||
CVE-2021-42196 | 1 Swftools | 1 Swftools | 2024-08-04 | 5.5 Medium |
An issue was discovered in swftools through 20201222. A NULL pointer dereference exists in the function traits_parse() located in abc.c. It allows an attacker to cause Denial of Service. | ||||
CVE-2021-42195 | 1 Swftools | 1 Swftools | 2024-08-04 | 7.8 High |
An issue was discovered in swftools through 20201222. A heap-buffer-overflow exists in the function handleEditText() located in swfdump.c. It allows an attacker to cause code Execution. | ||||
CVE-2021-42198 | 1 Swftools | 1 Swftools | 2024-08-04 | 5.5 Medium |
An issue was discovered in swftools through 20201222. A NULL pointer dereference exists in the function swf_GetBits() located in rfxswf.c. It allows an attacker to cause Denial of Service. |