11 matches found
EUVD-2014-5222
Malware in sbrugna...
CVE-2002-1881
Macromedia Flash Player 4.0 r12 through 6.0.47.0 allows remote attackers to cause a denial of service web browser crash via malformed content in a Flash Shockwave .SWF file, as demonstrated by by ROT13 encoding the body of the file but not the headers...
CVE-2025-29490
libming v0.4.8 was discovered to contain a segmentation fault via the decompileCALLMETHOD function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted SWF file...
CVE-2019-12982
Ming aka libming 0.4.8 has a heap buffer overflow and underflow in the decompileCAST function in util/decompile.c in libutil.a. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted SWF file...
Null pointer dereference
libming 0.4.8 has a NULL pointer dereference in the getInt function of the decompile.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file...
CVE-2018-8963
In libming 0.4.8, the decompileGETVARIABLE function of decompile.c has a use-after-free. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file...
libming integer overflow vulnerability (CNVD-2018-03001)
libming is a Flash SWF output library written in C for use in systems developed in PHP, Perl, etc. It can be used to output Flash SWF files to the system. An integer overflow vulnerability exists in the 'outputSWFTEXTRECORD' function in the util/outputscript.c file in libming 0.4.8 and earlier...
CVE-2016-6881
The zlibrefill function in libavformat/swfdec.c in FFmpeg before 3.1.3 allows remote attackers to cause an infinite loop denial of service via a crafted SWF file...
Adobe Flash Player Use After Free Code Execution (APSB16-32: CVE-2016-6981)
A remote code execution vulnerability exists in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file...
Adobe Flash Player BUTTONRECORD Loop Denial of Service (APSB10-26; CVE-2010-3641)
The Adobe Flash Player is a multimedia and application player that renders Shockwave Flash SWF files. The vulnerability is due to insufficient sanitization of the DefineButton2 tag by the Adobe Flash Player. A remote attacker might exploit this issue by convincing a victim to open a specially...
CVE-2008-4473
Adobe Flash CS3 Professional on Windows is affected by CVE-2008-4473 due to multiple heap-based buffer overflows in SWF processing caused by extremely long control parameter data in a malicious SWF. The issue, affecting Flash CS3 on Windows and Flash MX 2004, could allow remote code execution. Op...