2 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-16794
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The pngload function in lib/png.c in SWFTools 0.9.2 does not properly validate a multiplication of width and bits-per-pixel values, which allows remote attacker...
SUSE CVE-2017-16796
In SWFTools 0.9.2, the pngload function in lib/png.c does not check the return value of a realloc call, which allows remote attackers to cause a denial of service invalid write and application crash or possibly have unspecified other impact via vectors involving an IDAT tag in a crafted PNG file...