Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
swftools vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-35110
SWFTools commit 772e55a2 exists to contain a memory leak via /lib/mem.c.
Swftools Swftools -
NA
CVE-2022-35111
SWFTools commit 772e55a2 exists to contain a stack overflow via __sanitizer::StackDepotNode::hash(__sanitizer::StackTrace const&) at /sanitizer_common/sanitizer_stackdepot.cpp.
Swftools Swftools -
NA
CVE-2022-35113
SWFTools commit 772e55a2 exists to contain a heap-buffer overflow via swf_DefineLosslessBitsTagToImage at /modules/swfbits.c.
Swftools Swftools -
NA
CVE-2022-35114
SWFTools commit 772e55a2 exists to contain a segmentation violation via extractFrame at /readers/swf.c.
Swftools Swftools -
6.8
CVSSv2
CVE-2021-42197
An issue exists in swftools through 20201222 through a memory leak in the swftools when swfdump is used. It allows an malicious user to cause code execution.
Swftools Swftools
4.3
CVSSv2
CVE-2021-42202
An issue exists in swftools up to and including 20201222. A NULL pointer dereference exists in the function swf_DeleteFilter() located in swffilter.c. It allows an malicious user to cause Denial of Service.
Swftools Swftools
6.8
CVSSv2
CVE-2021-42204
An issue exists in swftools up to and including 20201222. A heap-buffer-overflow exists in the function swf_GetBits() located in rfxswf.c. It allows an malicious user to cause code execution.
Swftools Swftools
6.8
CVSSv2
CVE-2017-7698
A Use After Free in the pdf2swf part of swftools 0.9.2 and previous versions allows remote malicious users to execute arbitrary code via a malformed PDF document, possibly a consequence of an error in Gfx.cc in Xpdf 3.02.
Swftools Swftools
1 Github repository
6.8
CVSSv2
CVE-2017-8400
In SWFTools 0.9.2, an out-of-bounds write of heap data can occur in the function png_load() in lib/png.c:755. This issue can be triggered by a malformed PNG file that is mishandled by png2swf. Attackers could exploit this issue for DoS; it might cause arbitrary code execution.
Swftools Swftools
4.3
CVSSv2
CVE-2017-16868
In SWFTools 0.9.2, the wav_convert2mono function in lib/wav.c does not properly restrict a multiplication within a malloc call, which allows remote malicious users to cause a denial of service (integer overflow and NULL pointer dereference) via a crafted WAV file.
Swftools Swftools 0.9.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »