3 matches found
SUSE CVE-2017-8401
In SWFTools 0.9.2, an out-of-bounds read of heap data can occur in the function pngload in lib/png.c:724. This issue can be triggered by a malformed PNG file that is mishandled by png2swf. Attackers could exploit this issue for DoS...
CVE-2017-16796
In SWFTools 0.9.2, the pngload function in lib/png.c does not check the return value of a realloc call, which allows remote attackers to cause a denial of service invalid write and application crash or possibly have unspecified other impact via vectors involving an IDAT tag in a crafted PNG file...
CVE-2017-16796
In SWFTools 0.9.2, the pngload function in lib/png.c does not check the return value of a realloc call, which allows remote attackers to cause a denial of service invalid write and application crash or possibly have unspecified other impact via vectors involving an IDAT tag in a crafted PNG file...