Swftools: >> Swftools >> 0.9.2 Security Vulnerabilities
An issue was discovered in swftools through 20200710. A heap-buffer-overflow exists in the function string_hash() located in q.c. It allows an attacker to cause code Execution.
CVSS Score
7.8
EPSS Score
0.005
Published
2021-09-20
An issue was discovered in swftools through 20200710. A heap-buffer-overflow exists in the function swf_GetPlaceObject() located in swfobject.c. It allows an attacker to cause code Execution.
CVSS Score
7.8
EPSS Score
0.005
Published
2021-09-20
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function pool_lookup_string2() located in pool.c. It allows an attacker to cause Denial of Service.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-09-20
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function namespace_set_hash() located in pool.c. It allows an attacker to cause Denial of Service.
CVSS Score
5.5
EPSS Score
0.002
Published
2021-09-20
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function traits_dump() located in abc.c. It allows an attacker to cause Denial of Service.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-09-20
SWFTools 0.9.2 has a divide-by-zero error in the wav_convert2mono function in lib/wav.c because the align value may be zero.
CVSS Score
5.5
EPSS Score
0.002
Published
2018-07-09
In SWFTools 0.9.2, the wav_convert2mono function in lib/wav.c does not properly restrict a multiplication within a malloc call, which allows remote attackers to cause a denial of service (integer overflow and NULL pointer dereference) via a crafted WAV file.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-11-17
In SWFTools 0.9.2, the png_load function in lib/png.c does not check the return value of a realloc call, which allows remote attackers to cause a denial of service (invalid write and application crash) or possibly have unspecified other impact via vectors involving an IDAT tag in a crafted PNG file.
CVSS Score
7.8
EPSS Score
0.002
Published
2017-11-12
In SWFTools 0.9.2, the png_load function in lib/png.c does not properly validate an alloclen_64 multiplication of width and height values, which allows remote attackers to cause a denial of service (integer overflow, heap-based buffer overflow, and application crash) or possibly have unspecified other impact via a crafted PNG file.
CVSS Score
7.8
EPSS Score
0.003
Published
2017-11-12
The wav_convert2mono function in lib/wav.c in SWFTools 0.9.2 does not properly validate WAV data, which allows remote attackers to cause a denial of service (incorrect malloc and heap-based buffer overflow) or possibly have unspecified other impact via a crafted file.
CVSS Score
7.8
EPSS Score
0.002
Published
2017-11-12