Vulnerabilities > Swftools

DATE CVE VULNERABILITY TITLE RISK
2018-07-09 CVE-2017-16890 Divide BY Zero vulnerability in Swftools 0.9.2
SWFTools 0.9.2 has a divide-by-zero error in the wav_convert2mono function in lib/wav.c because the align value may be zero.
network
swftools CWE-369
4.3
2017-11-17 CVE-2017-16868 Null Pointer Dereference vulnerability in Swftools 0.9.2
In SWFTools 0.9.2, the wav_convert2mono function in lib/wav.c does not properly restrict a multiplication within a malloc call, which allows remote attackers to cause a denial of service (integer overflow and NULL pointer dereference) via a crafted WAV file.
network
swftools CWE-476
4.3
2017-11-17 CVE-2017-1000187 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Swftools
In SWFTools, an address access exception was found in pdf2swf.
network
swftools CWE-119
4.3
2017-11-17 CVE-2017-1000186 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Swftools
In SWFTools, a stack overflow was found in pdf2swf.
network
swftools CWE-119
4.3
2017-11-17 CVE-2017-1000185 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Swftools
In SWFTools, a memcpy buffer overflow was found in gif2swf.
network
swftools CWE-119
4.3
2017-11-17 CVE-2017-1000182 Missing Release of Resource After Effective Lifetime vulnerability in Swftools
In SWFTools, a memory leak was found in wav2swf.
network
swftools CWE-772
4.3
2017-11-17 CVE-2017-1000176 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Swftools
In SWFTools, a memcpy buffer overflow was found in swfc.
network
swftools CWE-119
4.3
2017-11-17 CVE-2017-1000174 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Swftools
In SWFTools, an address access exception was found in swfdump swf_GetBits().
network
swftools CWE-119
4.3
2017-11-12 CVE-2017-16797 Integer Overflow OR Wraparound vulnerability in Swftools 0.9.2
In SWFTools 0.9.2, the png_load function in lib/png.c does not properly validate an alloclen_64 multiplication of width and height values, which allows remote attackers to cause a denial of service (integer overflow, heap-based buffer overflow, and application crash) or possibly have unspecified other impact via a crafted PNG file.
network
swftools CWE-190
6.8
2017-11-12 CVE-2017-16796 Buffer Errors vulnerability in Swftools 0.9.2
In SWFTools 0.9.2, the png_load function in lib/png.c does not check the return value of a realloc call, which allows remote attackers to cause a denial of service (invalid write and application crash) or possibly have unspecified other impact via vectors involving an IDAT tag in a crafted PNG file.
network
swftools CWE-119
6.8