Denial of Service Vulnerability in SWFTools Software swfstrings Module

SWFTools is a collection of utilities to work with Adobe Flash files SWF files. A denial of service vulnerability exists in the SWFTools software swfstrings module. An attacker working with malformed SWF files can cause the program to crash and, if successfully exploited, can lead to arbitrary co...

Font Variable Null Pointer Denial of Service Vulnerability in swfstrigns

SWFTools is a set of software tools for SWF manipulation and creation of utility authoring. swfstrings is a text parsing tool. In versions swftools-0.9.2, 0.9.1, 0.8.0, 0.8.1, 0.4.4, elements in the global static array fonts are set to 0x0 and fail to validate their read operation, resulting in a...

swfstrings swf_GetBits function 't-data' denial of service vulnerability

SWFTools is a set of software tools for SWF manipulation and creation of utility authoring. swfstrings is a text parsing tool. swftools0.9.2 and previous versions of swfstrings program swfGetBits function 't-data' is empty, resulting in access to the contents of the null pointer, triggering a...

Flash Tool 0.6.0 Remote Code Execution

Flash Tool 0.6.0 Remote code execution vulnerability 3/1/2013 http://rubygems.org/gems/flashtool https://github.com/milboj/flashtool If files downloaded contain shell characters it's possible to execute code as the client user. ie: flashfile;id/tmp/o;.swf ./flashtool-0.6.0/lib/flashtool.rb Lines:...