Shodan
Vulnerabilities
Vulnerable Software
Swftools:  >> Swftools  Security Vulnerabilities
CVE-2021-39575
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function dump_method() located in abc.c. It allows an attacker to cause Denial of Service.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-09-20
CVE-2021-39577
An issue was discovered in swftools through 20200710. A heap-buffer-overflow exists in the function main() located in swfdump.c. It allows an attacker to cause code Execution.
CVSS Score
7.8
EPSS Score
0.005
Published
2021-09-20
CVE-2021-39579
An issue was discovered in swftools through 20200710. A heap-buffer-overflow exists in the function string_hash() located in q.c. It allows an attacker to cause code Execution.
CVSS Score
7.8
EPSS Score
0.005
Published
2021-09-20
CVE-2021-39582
An issue was discovered in swftools through 20200710. A heap-buffer-overflow exists in the function swf_GetPlaceObject() located in swfobject.c. It allows an attacker to cause code Execution.
CVSS Score
7.8
EPSS Score
0.005
Published
2021-09-20
CVE-2021-39583
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function pool_lookup_string2() located in pool.c. It allows an attacker to cause Denial of Service.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-09-20
CVE-2021-39584
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function namespace_set_hash() located in pool.c. It allows an attacker to cause Denial of Service.
CVSS Score
5.5
EPSS Score
0.002
Published
2021-09-20
CVE-2021-39585
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function traits_dump() located in abc.c. It allows an attacker to cause Denial of Service.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-09-20
CVE-2017-16890
SWFTools 0.9.2 has a divide-by-zero error in the wav_convert2mono function in lib/wav.c because the align value may be zero.
CVSS Score
5.5
EPSS Score
0.002
Published
2018-07-09
CVE-2017-16868
In SWFTools 0.9.2, the wav_convert2mono function in lib/wav.c does not properly restrict a multiplication within a malloc call, which allows remote attackers to cause a denial of service (integer overflow and NULL pointer dereference) via a crafted WAV file.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-11-17
CVE-2017-1000174
In SWFTools, an address access exception was found in swfdump swf_GetBits().
CVSS Score
5.5
EPSS Score
0.002
Published
2017-11-17


Products
Pricing
Contact Us

Shodan ® - All rights reserved