Vulnerabilities > Swftools > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-11-12 | CVE-2017-16796 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Swftools 0.9.2 In SWFTools 0.9.2, the png_load function in lib/png.c does not check the return value of a realloc call, which allows remote attackers to cause a denial of service (invalid write and application crash) or possibly have unspecified other impact via vectors involving an IDAT tag in a crafted PNG file. | 6.8 |
| 2017-11-12 | CVE-2017-16794 | Out-of-bounds Read vulnerability in Swftools 0.9.2 The png_load function in lib/png.c in SWFTools 0.9.2 does not properly validate a multiplication of width and bits-per-pixel values, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file, as demonstrated by an erroneous png_load call that occurs because of incorrect integer data types in png2swf. | 4.3 |
| 2017-11-12 | CVE-2017-16793 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Swftools 0.9.2 The wav_convert2mono function in lib/wav.c in SWFTools 0.9.2 does not properly validate WAV data, which allows remote attackers to cause a denial of service (incorrect malloc and heap-based buffer overflow) or possibly have unspecified other impact via a crafted file. | 6.8 |
| 2017-11-09 | CVE-2017-16711 | NULL Pointer Dereference vulnerability in Swftools 0.9.2 The swf_DefineLosslessBitsTagToImage function in lib/modules/swfbits.c in SWFTools 0.9.2 mishandles an uncompress failure, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) because of extractDefinitions in lib/readers/swf.c and fill_line_bitmap in lib/devices/render.c, as demonstrated by swfrender. | 4.3 |
| 2017-07-07 | CVE-2017-11101 | NULL Pointer Dereference vulnerability in Swftools 0.9.2 When SWFTools 0.9.2 processes a crafted file in swfcombine, it can lead to a NULL Pointer Dereference in the swf_Relocate() function in lib/modules/swftools.c. | 6.8 |
| 2017-07-07 | CVE-2017-11100 | NULL Pointer Dereference vulnerability in Swftools 0.9.2 When SWFTools 0.9.2 processes a crafted file in swfextract, it can lead to a NULL Pointer Dereference in the swf_FoldSprite() function in lib/rxfswf.c. | 6.8 |
| 2017-07-07 | CVE-2017-11099 | Improper Input Validation vulnerability in Swftools 0.9.2 When SWFTools 0.9.2 processes a crafted file in wav2swf, it can lead to a Segmentation Violation in the wav_convert2mono() function in lib/wav.c. | 6.8 |
| 2017-07-07 | CVE-2017-11098 | Improper Input Validation vulnerability in Swftools 0.9.2 When SWFTools 0.9.2 processes a crafted file in png2swf, it can lead to a Segmentation Violation in the png_load() function in lib/png.c. | 6.8 |
| 2017-07-07 | CVE-2017-11097 | NULL Pointer Dereference vulnerability in Swftools 0.9.2 When SWFTools 0.9.2 processes a crafted file in swfc, it can lead to a NULL Pointer Dereference in the dict_lookup() function in lib/q.c. | 6.8 |
| 2017-07-07 | CVE-2017-11096 | NULL Pointer Dereference vulnerability in Swftools 0.9.2 When SWFTools 0.9.2 processes a crafted file in swfcombine, it can lead to a NULL Pointer Dereference in the swf_DeleteFilter() function in lib/modules/swffilter.c. | 6.8 |