Vulnerabilities > CVE-2017-16868 - NULL Pointer Dereference vulnerability in Swftools 0.9.2
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
In SWFTools 0.9.2, the wav_convert2mono function in lib/wav.c does not properly restrict a multiplication within a malloc call, which allows remote attackers to cause a denial of service (integer overflow and NULL pointer dereference) via a crafted WAV file.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |