Vulnerabilities > Swftools > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-11-09 | CVE-2017-16711 | NULL Pointer Dereference vulnerability in Swftools 0.9.2 The swf_DefineLosslessBitsTagToImage function in lib/modules/swfbits.c in SWFTools 0.9.2 mishandles an uncompress failure, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) because of extractDefinitions in lib/readers/swf.c and fill_line_bitmap in lib/devices/render.c, as demonstrated by swfrender. | 5.5 |
| 2017-07-05 | CVE-2017-8420 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Swftools 201304091007 SWFTools 2013-04-09-1007 on Windows has a "Data from Faulting Address controls Branch Selection starting at image00000000_00400000+0x0000000000003e71" issue. | 6.5 |
| 2017-05-01 | CVE-2017-8401 | Out-of-bounds Read vulnerability in Swftools In SWFTools 0.9.2, an out-of-bounds read of heap data can occur in the function png_load() in lib/png.c:724. | 6.5 |