VYPR

Swftools

by Matthiaskramm

Source repositories

CVEs (9)

  • CVE-2017-11100HigJul 7, 2017
    risk 0.57cvss 8.8epss 0.01

    When SWFTools 0.9.2 processes a crafted file in swfextract, it can lead to a NULL Pointer Dereference in the swf_FoldSprite() function in lib/rxfswf.c.

  • CVE-2017-11096HigJul 7, 2017
    risk 0.57cvss 8.8epss 0.01

    When SWFTools 0.9.2 processes a crafted file in swfcombine, it can lead to a NULL Pointer Dereference in the swf_DeleteFilter() function in lib/modules/swffilter.c.

  • CVE-2024-22913HigJan 19, 2024
    risk 0.51cvss 7.8epss 0.00

    A heap-buffer-overflow was found in SWFTools v0.9.2, in the function swf5lex at lex.swf5.c:1321. It allows an attacker to cause code execution.

  • CVE-2021-39582HigSep 20, 2021
    risk 0.51cvss 7.8epss 0.01

    An issue was discovered in swftools through 20200710. A heap-buffer-overflow exists in the function swf_GetPlaceObject() located in swfobject.c. It allows an attacker to cause code Execution.

  • CVE-2021-39579HigSep 20, 2021
    risk 0.51cvss 7.8epss 0.01

    An issue was discovered in swftools through 20200710. A heap-buffer-overflow exists in the function string_hash() located in q.c. It allows an attacker to cause code Execution.

  • CVE-2021-39564HigSep 20, 2021
    risk 0.51cvss 7.8epss 0.01

    An issue was discovered in swftools through 20200710. A heap-buffer-overflow exists in the function swf_DumpActions() located in swfaction.c. It allows an attacker to cause code Execution.

  • CVE-2024-22957MedJan 19, 2024
    risk 0.36cvss 5.5epss 0.00

    swftools 0.9.2 was discovered to contain an Out-of-bounds Read vulnerability via the function dict_do_lookup in swftools/lib/q.c:1190.

  • CVE-2022-46440MedFeb 24, 2023
    risk 0.36cvss 5.5epss 0.00

    ttftool v0.9.2 was discovered to contain a segmentation violation via the readU16 function at ttf.c.

  • CVE-2017-1000174MedNov 17, 2017
    risk 0.36cvss 5.5epss 0.01

    In SWFTools, an address access exception was found in swfdump swf_GetBits().