CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-28458

Null Pointer Dereference vulnerability in swfdump in swftools 0.9.2 allows attackers to crash the appliation via the function compileSWFActionCode in action/actioncompiler.c.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 44.0%

CVSS Severity

CVSS v3 Score 7.5

References

https://github.com/keepinggg/poc/blob/main/poc_of_swfc
https://github.com/keepinggg/poc/blob/main/poc_of_swfc

Products affected by CVE-2024-28458

Swftools » Swftools » Version: 0.9.2

cpe:2.3:a:swftools:swftools:0.9.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-28458

Products

Pricing

Contact Us