16 matches found
EUVD-2017-2735
Malware in sbrugna...
CVE-2023-37644
SWFTools 0.9.2 772e55a allows attackers to trigger a large memory-allocation attempt via a crafted document, as demonstrated by pdf2swf. This occurs in pngreadchunk in lib/png.c...
CVE-2023-37644
SWFTools 0.9.2 772e55a allows attackers to trigger a large memory-allocation attempt via a crafted document, as demonstrated by pdf2swf. This occurs in pngreadchunk in lib/png.c...
Heap overflow
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via pngload at /lib/png.c...
CVE-2022-35080
SWFTools contains a heap-buffer overflow in the png_load function of /lib/png.c for commit 772e55a2 (CVE-2022-35080). Affected component is SWFTools; root cause is a heap-buffer overflow in png_load. CVSS indicates Local attack vector, no privileges required, user interaction required, with Avail...
CVE-2022-35080
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via pngload at /lib/png.c...
Amazon Linux 2 : mercurial (ALAS-2019-1328)
An issue was discovered in AdvanceCOMP through 2.1. A NULL pointer dereference exists in the function beuint32read located in endianrw.h. It can be triggered by sending a crafted file to a binary. It allows an attacker to cause a Denial of Service Segmentation fault or possibly have unspecified...
Denial Of Service (DoS)
advancecomp is vulnerable to denial of service DoS. The vulnerability exists in function advpngunfilter8 in lib/png.c...
CVE-2017-16794
SWFTools 0.9.2 is affected by CVE-2017-16794 due to improper validation in png_load (lib/png.c). The code fails to correctly validate the multiplication of width and bits-per-pixel values, enabling a crafted file to cause a heap-based buffer over-read and application crash. The root cause is desc...
CVE-2017-11098
Removed by vendor...
Design/Logic Flaw
In SWFTools 0.9.2, an out-of-bounds write of heap data can occur in the function pngload in lib/png.c:755. This issue can be triggered by a malformed PNG file that is mishandled by png2swf. Attackers could exploit this issue for DoS; it might cause arbitrary code execution...
CVE-2017-8400
In SWFTools 0.9.2, an out-of-bounds write of heap data can occur in lib/png.c:755 within png_load(), triggered by a malformed PNG handled by png2swf. The issue could be exploited to cause DoS and, per the CVE description, may lead to arbitrary code execution. Public advisories (Mageia MGASA-2017-...
CVE-2017-8401
In SWFTools 0.9.2, an out-of-bounds read of heap data can occur in the function pngload in lib/png.c:724. This issue can be triggered by a malformed PNG file that is mishandled by png2swf. Attackers could exploit this issue for DoS...
CVE-2017-8400
Removed by vendor...
SWFTools Multiple Integer Overflow Vulnerabilities
This host is installed with SWFTools and is prone to multiple integer overflow vulnerabilities. OpenVAS Vulnerability Test $Id: gbswftoolsmultintoverflowvulnlin.nasl 6539 2017-07-05 12:02:14Z cfischer $ SWFTools Multiple Integer Overflow Vulnerabilities Authors: Madhuri D Copyright: Copyright C...
CVE-2010-1516
Multiple integer overflows in SWFTools 0.9.1 allow remote attackers to execute arbitrary code via 1 a crafted PNG file, related to the getPNG function in lib/png.c; or 2 a crafted JPEG file, related to the jpegload function in lib/jpeg.c...