Vulnerabilities > Swftools > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-20 | CVE-2021-39574 | Out-of-bounds Write vulnerability in Swftools An issue was discovered in swftools through 20200710. | 7.8 |
| 2021-09-20 | CVE-2021-39577 | Out-of-bounds Write vulnerability in Swftools An issue was discovered in swftools through 20200710. | 7.8 |
| 2021-09-20 | CVE-2021-39579 | Out-of-bounds Write vulnerability in Swftools An issue was discovered in swftools through 20200710. | 7.8 |
| 2021-09-20 | CVE-2021-39582 | Out-of-bounds Write vulnerability in Swftools An issue was discovered in swftools through 20200710. | 7.8 |
| 2021-09-20 | CVE-2021-39595 | Out-of-bounds Write vulnerability in Swftools An issue was discovered in swftools through 20200710. | 7.8 |
| 2017-11-17 | CVE-2017-1000187 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Swftools In SWFTools, an address access exception was found in pdf2swf. | 7.8 |
| 2017-11-12 | CVE-2017-16797 | Integer Overflow or Wraparound vulnerability in Swftools 0.9.2 In SWFTools 0.9.2, the png_load function in lib/png.c does not properly validate an alloclen_64 multiplication of width and height values, which allows remote attackers to cause a denial of service (integer overflow, heap-based buffer overflow, and application crash) or possibly have unspecified other impact via a crafted PNG file. | 7.8 |
| 2017-11-12 | CVE-2017-16796 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Swftools 0.9.2 In SWFTools 0.9.2, the png_load function in lib/png.c does not check the return value of a realloc call, which allows remote attackers to cause a denial of service (invalid write and application crash) or possibly have unspecified other impact via vectors involving an IDAT tag in a crafted PNG file. | 7.8 |
| 2017-11-12 | CVE-2017-16793 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Swftools 0.9.2 The wav_convert2mono function in lib/wav.c in SWFTools 0.9.2 does not properly validate WAV data, which allows remote attackers to cause a denial of service (incorrect malloc and heap-based buffer overflow) or possibly have unspecified other impact via a crafted file. | 7.8 |
| 2017-07-07 | CVE-2017-11101 | NULL Pointer Dereference vulnerability in Swftools 0.9.2 When SWFTools 0.9.2 processes a crafted file in swfcombine, it can lead to a NULL Pointer Dereference in the swf_Relocate() function in lib/modules/swftools.c. | 8.8 |