Vulnerability Details CVE-2010-1516
Multiple integer overflows in SWFTools 0.9.1 allow remote attackers to execute arbitrary code via (1) a crafted PNG file, related to the getPNG function in lib/png.c; or (2) a crafted JPEG file, related to the jpeg_load function in lib/jpeg.c.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.032
EPSS Ranking 86.4%
CVSS Severity
CVSS v2 Score 9.3
References
- http://secunia.com/advisories/39970
- http://secunia.com/advisories/48821
- http://secunia.com/secunia_research/2010-80/
- http://security.gentoo.org/glsa/glsa-201204-05.xml
- http://www.securityfocus.com/archive/1/513102/100/0/threaded
- http://secunia.com/advisories/39970
- http://secunia.com/advisories/48821
- http://secunia.com/secunia_research/2010-80/
- http://security.gentoo.org/glsa/glsa-201204-05.xml
- http://www.securityfocus.com/archive/1/513102/100/0/threaded