ReportizFlow
Filtered by vendor Swftools
Subscriptions
Filtered by product Swftools
Subscriptions
Total
124 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-1000182 | 1 Swftools | 1 Swftools | 2025-04-20 | N/A |
| In SWFTools, a memory leak was found in wav2swf. | ||||
| CVE-2017-1000176 | 1 Swftools | 1 Swftools | 2025-04-20 | N/A |
| In SWFTools, a memcpy buffer overflow was found in swfc. | ||||
| CVE-2017-16797 | 1 Swftools | 1 Swftools | 2025-04-20 | N/A |
| In SWFTools 0.9.2, the png_load function in lib/png.c does not properly validate an alloclen_64 multiplication of width and height values, which allows remote attackers to cause a denial of service (integer overflow, heap-based buffer overflow, and application crash) or possibly have unspecified other impact via a crafted PNG file. | ||||
| CVE-2017-16711 | 1 Swftools | 1 Swftools | 2025-04-20 | N/A |
| The swf_DefineLosslessBitsTagToImage function in lib/modules/swfbits.c in SWFTools 0.9.2 mishandles an uncompress failure, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) because of extractDefinitions in lib/readers/swf.c and fill_line_bitmap in lib/devices/render.c, as demonstrated by swfrender. | ||||
| CVE-2017-11101 | 1 Swftools | 1 Swftools | 2025-04-20 | N/A |
| When SWFTools 0.9.2 processes a crafted file in swfcombine, it can lead to a NULL Pointer Dereference in the swf_Relocate() function in lib/modules/swftools.c. | ||||
| CVE-2017-8400 | 1 Swftools | 1 Swftools | 2025-04-20 | N/A |
| In SWFTools 0.9.2, an out-of-bounds write of heap data can occur in the function png_load() in lib/png.c:755. This issue can be triggered by a malformed PNG file that is mishandled by png2swf. Attackers could exploit this issue for DoS; it might cause arbitrary code execution. | ||||
| CVE-2017-16793 | 1 Swftools | 1 Swftools | 2025-04-20 | N/A |
| The wav_convert2mono function in lib/wav.c in SWFTools 0.9.2 does not properly validate WAV data, which allows remote attackers to cause a denial of service (incorrect malloc and heap-based buffer overflow) or possibly have unspecified other impact via a crafted file. | ||||
| CVE-2017-11100 | 1 Swftools | 1 Swftools | 2025-04-20 | N/A |
| When SWFTools 0.9.2 processes a crafted file in swfextract, it can lead to a NULL Pointer Dereference in the swf_FoldSprite() function in lib/rxfswf.c. | ||||
| CVE-2017-10976 | 1 Swftools | 1 Swftools | 2025-04-20 | N/A |
| When SWFTools 0.9.2 processes a crafted file in ttftool, it can lead to a heap-based buffer over-read in the readBlock() function in lib/ttf.c. | ||||
| CVE-2017-8420 | 2 Microsoft, Swftools | 2 Windows, Swftools | 2025-04-20 | N/A |
| SWFTools 2013-04-09-1007 on Windows has a "Data from Faulting Address controls Branch Selection starting at image00000000_00400000+0x0000000000003e71" issue. This issue can be triggered by a malformed TTF file that is mishandled by font2swf. Attackers could exploit this issue for DoS (Access Violation). | ||||
| CVE-2010-1516 | 1 Swftools | 1 Swftools | 2025-04-11 | N/A |
| Multiple integer overflows in SWFTools 0.9.1 allow remote attackers to execute arbitrary code via (1) a crafted PNG file, related to the getPNG function in lib/png.c; or (2) a crafted JPEG file, related to the jpeg_load function in lib/jpeg.c. | ||||
| CVE-2024-26337 | 1 Swftools | 1 Swftools | 2025-04-01 | 4.3 Medium |
| swftools v0.9.2 was discovered to contain a segmentation violation via the function s_font at swftools/src/swfc.c. | ||||
| CVE-2024-26339 | 2 Swftools, Swftools Project | 2 Swftools, Swftools | 2025-04-01 | 9.1 Critical |
| swftools v0.9.2 was discovered to contain a strcpy parameter overlap via /home/swftools/src/swfc+0x48318a. | ||||
| CVE-2024-26333 | 1 Swftools | 1 Swftools | 2025-04-01 | 5.5 Medium |
| swftools v0.9.2 was discovered to contain a segmentation violation via the function free_lines at swftools/lib/modules/swfshape.c. | ||||
| CVE-2024-26334 | 1 Swftools | 1 Swftools | 2025-04-01 | 6.2 Medium |
| swftools v0.9.2 was discovered to contain a segmentation violation via the function compileSWFActionCode at swftools/lib/action/actioncompiler.c. | ||||
| CVE-2024-26335 | 1 Swftools | 1 Swftools | 2025-04-01 | 5.5 Medium |
| swftools v0.9.2 was discovered to contain a segmentation violation via the function state_free at swftools/src/swfc-history.c. | ||||
| CVE-2022-46440 | 1 Swftools | 1 Swftools | 2025-03-12 | 5.5 Medium |
| ttftool v0.9.2 was discovered to contain a segmentation violation via the readU16 function at ttf.c. | ||||
| CVE-2023-27249 | 1 Swftools | 1 Swftools | 2025-02-26 | 5.5 Medium |
| swfdump v0.9.2 was discovered to contain a heap buffer overflow in the function swf_GetPlaceObject at swfobject.c. | ||||
| CVE-2023-26991 | 1 Swftools | 1 Swftools | 2025-02-12 | 7.8 High |
| SWFTools v0.9.2 was discovered to contain a stack-use-after-scope in the swf_ReadSWF2 function in lib/rfxswf.c. | ||||
| CVE-2023-29950 | 1 Swftools | 1 Swftools | 2025-01-31 | 5.5 Medium |
| swfrender v0.9.2 was discovered to contain a heap buffer overflow in the function enumerateUsedIDs_fillstyle at modules/swftools.c | ||||