Vulnerabilities > Swftools > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-20 | CVE-2021-39597 | NULL Pointer Dereference vulnerability in Swftools An issue was discovered in swftools through 20200710. | 5.5 |
| 2021-09-20 | CVE-2021-39598 | NULL Pointer Dereference vulnerability in Swftools An issue was discovered in swftools through 20200710. | 5.5 |
| 2018-07-09 | CVE-2017-16890 | Divide By Zero vulnerability in Swftools 0.9.2 SWFTools 0.9.2 has a divide-by-zero error in the wav_convert2mono function in lib/wav.c because the align value may be zero. | 5.5 |
| 2017-11-17 | CVE-2017-16868 | NULL Pointer Dereference vulnerability in Swftools 0.9.2 In SWFTools 0.9.2, the wav_convert2mono function in lib/wav.c does not properly restrict a multiplication within a malloc call, which allows remote attackers to cause a denial of service (integer overflow and NULL pointer dereference) via a crafted WAV file. | 5.5 |
| 2017-11-17 | CVE-2017-1000186 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Swftools In SWFTools, a stack overflow was found in pdf2swf. | 5.5 |
| 2017-11-17 | CVE-2017-1000185 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Swftools In SWFTools, a memcpy buffer overflow was found in gif2swf. | 5.5 |
| 2017-11-17 | CVE-2017-1000182 | Missing Release of Resource after Effective Lifetime vulnerability in Swftools In SWFTools, a memory leak was found in wav2swf. | 5.5 |
| 2017-11-17 | CVE-2017-1000176 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Swftools In SWFTools, a memcpy buffer overflow was found in swfc. | 5.5 |
| 2017-11-17 | CVE-2017-1000174 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Swftools In SWFTools, an address access exception was found in swfdump swf_GetBits(). | 5.5 |
| 2017-11-12 | CVE-2017-16794 | Out-of-bounds Read vulnerability in Swftools 0.9.2 The png_load function in lib/png.c in SWFTools 0.9.2 does not properly validate a multiplication of width and bits-per-pixel values, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file, as demonstrated by an erroneous png_load call that occurs because of incorrect integer data types in png2swf. | 5.5 |