Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
swftools swftools 0.9.2 vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2017-16711
The swf_DefineLosslessBitsTagToImage function in lib/modules/swfbits.c in SWFTools 0.9.2 mishandles an uncompress failure, which allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) because of extractDefinitions in lib/reader...
Swftools Swftools 0.9.2
7.8
CVSSv3
CVE-2017-16793
The wav_convert2mono function in lib/wav.c in SWFTools 0.9.2 does not properly validate WAV data, which allows remote malicious users to cause a denial of service (incorrect malloc and heap-based buffer overflow) or possibly have unspecified other impact via a crafted file.
Swftools Swftools 0.9.2
7.8
CVSSv3
CVE-2017-16796
In SWFTools 0.9.2, the png_load function in lib/png.c does not check the return value of a realloc call, which allows remote malicious users to cause a denial of service (invalid write and application crash) or possibly have unspecified other impact via vectors involving an IDAT ...
Swftools Swftools 0.9.2
7.8
CVSSv3
CVE-2017-16797
In SWFTools 0.9.2, the png_load function in lib/png.c does not properly validate an alloclen_64 multiplication of width and height values, which allows remote malicious users to cause a denial of service (integer overflow, heap-based buffer overflow, and application crash) or pos...
Swftools Swftools 0.9.2
5.5
CVSSv3
CVE-2017-16868
In SWFTools 0.9.2, the wav_convert2mono function in lib/wav.c does not properly restrict a multiplication within a malloc call, which allows remote malicious users to cause a denial of service (integer overflow and NULL pointer dereference) via a crafted WAV file.
Swftools Swftools 0.9.2
7.8
CVSSv3
CVE-2024-22911
A stack-buffer-underflow vulnerability was found in SWFTools v0.9.2, in the function parseExpression at src/swfc.c:2602.
Swftools Swftools 0.9.2
7.8
CVSSv3
CVE-2024-22915
A heap-use-after-free was found in SWFTools v0.9.2, in the function swf_DeleteTag at rfxswf.c:1193. It allows an malicious user to cause code execution.
Swftools Swftools 0.9.2
5.5
CVSSv3
CVE-2017-16794
The png_load function in lib/png.c in SWFTools 0.9.2 does not properly validate a multiplication of width and bits-per-pixel values, which allows remote malicious users to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file, as demonst...
Swftools Swftools 0.9.2
7.8
CVSSv3
CVE-2023-26991
SWFTools v0.9.2 exists to contain a stack-use-after-scope in the swf_ReadSWF2 function in lib/rfxswf.c.
Swftools Swftools 0.9.2
7.5
CVSSv3
CVE-2017-10976
When SWFTools 0.9.2 processes a crafted file in ttftool, it can lead to a heap-based buffer over-read in the readBlock() function in lib/ttf.c.
Swftools Swftools 0.9.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »