EUVD-2017-2735

Malware in sbrugna...

CVE-2023-37644

SWFTools 0.9.2 772e55a allows attackers to trigger a large memory-allocation attempt via a crafted document, as demonstrated by pdf2swf. This occurs in pngreadchunk in lib/png.c...

CVE-2023-37644

SWFTools 0.9.2 772e55a allows attackers to trigger a large memory-allocation attempt via a crafted document, as demonstrated by pdf2swf. This occurs in pngreadchunk in lib/png.c...

Heap overflow

SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via pngload at /lib/png.c...

CVE-2022-35080

SWFTools contains a heap-buffer overflow in the png_load function of /lib/png.c for commit 772e55a2 (CVE-2022-35080). Affected component is SWFTools; root cause is a heap-buffer overflow in png_load. CVSS indicates Local attack vector, no privileges required, user interaction required, with Avail...

CVE-2022-35080

SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via pngload at /lib/png.c...

Amazon Linux 2 : mercurial (ALAS-2019-1328)

An issue was discovered in AdvanceCOMP through 2.1. A NULL pointer dereference exists in the function beuint32read located in endianrw.h. It can be triggered by sending a crafted file to a binary. It allows an attacker to cause a Denial of Service Segmentation fault or possibly have unspecified...

Denial Of Service (DoS)

advancecomp is vulnerable to denial of service DoS. The vulnerability exists in function advpngunfilter8 in lib/png.c...

CVE-2017-16794

SWFTools 0.9.2 is affected by CVE-2017-16794 due to improper validation in png_load (lib/png.c). The code fails to correctly validate the multiplication of width and bits-per-pixel values, enabling a crafted file to cause a heap-based buffer over-read and application crash. The root cause is desc...

CVE-2017-11098

Removed by vendor...

Design/Logic Flaw

In SWFTools 0.9.2, an out-of-bounds write of heap data can occur in the function pngload in lib/png.c:755. This issue can be triggered by a malformed PNG file that is mishandled by png2swf. Attackers could exploit this issue for DoS; it might cause arbitrary code execution...

CVE-2017-8400

Removed by vendor...

CVE-2017-8400

In SWFTools 0.9.2, an out-of-bounds write of heap data can occur in lib/png.c:755 within png_load(), triggered by a malformed PNG handled by png2swf. The issue could be exploited to cause DoS and, per the CVE description, may lead to arbitrary code execution. Public advisories (Mageia MGASA-2017-...

CVE-2017-8401

In SWFTools 0.9.2, an out-of-bounds read of heap data can occur in the function pngload in lib/png.c:724. This issue can be triggered by a malformed PNG file that is mishandled by png2swf. Attackers could exploit this issue for DoS...

SWFTools Multiple Integer Overflow Vulnerabilities

This host is installed with SWFTools and is prone to multiple integer overflow vulnerabilities. OpenVAS Vulnerability Test $Id: gbswftoolsmultintoverflowvulnlin.nasl 6539 2017-07-05 12:02:14Z cfischer $ SWFTools Multiple Integer Overflow Vulnerabilities Authors: Madhuri D Copyright: Copyright C...

CVE-2010-1516

Multiple integer overflows in SWFTools 0.9.1 allow remote attackers to execute arbitrary code via 1 a crafted PNG file, related to the getPNG function in lib/png.c; or 2 a crafted JPEG file, related to the jpegload function in lib/jpeg.c...