Matthiaskramm
Products
1- 13 CVEs
Recent CVEs
13| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-11101 | Hig | 0.57 | 8.8 | 0.00 | Jul 7, 2017 | When SWFTools 0.9.2 processes a crafted file in swfcombine, it can lead to a NULL Pointer Dereference in the swf_Relocate() function in lib/modules/swftools.c. | ||
| CVE-2017-11100 | Hig | 0.57 | 8.8 | 0.00 | Jul 7, 2017 | When SWFTools 0.9.2 processes a crafted file in swfextract, it can lead to a NULL Pointer Dereference in the swf_FoldSprite() function in lib/rxfswf.c. | ||
| CVE-2017-11096 | Hig | 0.57 | 8.8 | 0.00 | Jul 7, 2017 | When SWFTools 0.9.2 processes a crafted file in swfcombine, it can lead to a NULL Pointer Dereference in the swf_DeleteFilter() function in lib/modules/swffilter.c. | ||
| CVE-2017-8400 | Hig | 0.57 | 8.8 | 0.00 | May 1, 2017 | In SWFTools 0.9.2, an out-of-bounds write of heap data can occur in the function png_load() in lib/png.c:755. This issue can be triggered by a malformed PNG file that is mishandled by png2swf. Attackers could exploit this issue for DoS; it might cause arbitrary code execution. | ||
| CVE-2017-7698 | Hig | 0.51 | 7.8 | 0.01 | May 10, 2017 | A Use After Free in the pdf2swf part of swftools 0.9.2 and earlier allows remote attackers to execute arbitrary code via a malformed PDF document, possibly a consequence of an error in Gfx.cc in Xpdf 3.02. | ||
| CVE-2017-1000182 | Med | 0.36 | 5.5 | 0.00 | Nov 17, 2017 | In SWFTools, a memory leak was found in wav2swf. | ||
| CVE-2017-1000176 | Med | 0.36 | 5.5 | 0.00 | Nov 17, 2017 | In SWFTools, a memcpy buffer overflow was found in swfc. | ||
| CVE-2024-22913 | 0.00 | — | 0.00 | Jan 19, 2024 | A heap-buffer-overflow was found in SWFTools v0.9.2, in the function swf5lex at lex.swf5.c:1321. It allows an attacker to cause code execution. | |||
| CVE-2024-22957 | 0.00 | — | 0.00 | Jan 19, 2024 | swftools 0.9.2 was discovered to contain an Out-of-bounds Read vulnerability via the function dict_do_lookup in swftools/lib/q.c:1190. | |||
| CVE-2022-35087 | 0.00 | — | 0.00 | Sep 20, 2022 | SWFTools commit 772e55a2 was discovered to contain a segmentation violation via MovieAddFrame at /src/gif2swf.c. | |||
| CVE-2022-35090 | 0.00 | — | 0.00 | Sep 20, 2022 | SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via __asan_memcpy at /asan/asan_interceptors_memintrinsics.cpp:. | |||
| CVE-2022-40009 | 0.00 | — | 0.00 | Sep 20, 2022 | SWFTools commit 772e55a was discovered to contain a heap-use-after-free via the function grow_unicode at /lib/ttf.c. | |||
| CVE-2022-40008 | 0.00 | — | 0.01 | Sep 20, 2022 | SWFTools commit 772e55a was discovered to contain a heap-buffer overflow via the function readU8 at /lib/ttf.c. |
- risk 0.57cvss 8.8epss 0.00
When SWFTools 0.9.2 processes a crafted file in swfcombine, it can lead to a NULL Pointer Dereference in the swf_Relocate() function in lib/modules/swftools.c.
- risk 0.57cvss 8.8epss 0.00
When SWFTools 0.9.2 processes a crafted file in swfextract, it can lead to a NULL Pointer Dereference in the swf_FoldSprite() function in lib/rxfswf.c.
- risk 0.57cvss 8.8epss 0.00
When SWFTools 0.9.2 processes a crafted file in swfcombine, it can lead to a NULL Pointer Dereference in the swf_DeleteFilter() function in lib/modules/swffilter.c.
- risk 0.57cvss 8.8epss 0.00
In SWFTools 0.9.2, an out-of-bounds write of heap data can occur in the function png_load() in lib/png.c:755. This issue can be triggered by a malformed PNG file that is mishandled by png2swf. Attackers could exploit this issue for DoS; it might cause arbitrary code execution.
- risk 0.51cvss 7.8epss 0.01
A Use After Free in the pdf2swf part of swftools 0.9.2 and earlier allows remote attackers to execute arbitrary code via a malformed PDF document, possibly a consequence of an error in Gfx.cc in Xpdf 3.02.
- risk 0.36cvss 5.5epss 0.00
In SWFTools, a memory leak was found in wav2swf.
- risk 0.36cvss 5.5epss 0.00
In SWFTools, a memcpy buffer overflow was found in swfc.
- CVE-2024-22913Jan 19, 2024risk 0.00cvss —epss 0.00
A heap-buffer-overflow was found in SWFTools v0.9.2, in the function swf5lex at lex.swf5.c:1321. It allows an attacker to cause code execution.
- CVE-2024-22957Jan 19, 2024risk 0.00cvss —epss 0.00
swftools 0.9.2 was discovered to contain an Out-of-bounds Read vulnerability via the function dict_do_lookup in swftools/lib/q.c:1190.
- CVE-2022-35087Sep 20, 2022risk 0.00cvss —epss 0.00
SWFTools commit 772e55a2 was discovered to contain a segmentation violation via MovieAddFrame at /src/gif2swf.c.
- CVE-2022-35090Sep 20, 2022risk 0.00cvss —epss 0.00
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via __asan_memcpy at /asan/asan_interceptors_memintrinsics.cpp:.
- CVE-2022-40009Sep 20, 2022risk 0.00cvss —epss 0.00
SWFTools commit 772e55a was discovered to contain a heap-use-after-free via the function grow_unicode at /lib/ttf.c.
- CVE-2022-40008Sep 20, 2022risk 0.00cvss —epss 0.01
SWFTools commit 772e55a was discovered to contain a heap-buffer overflow via the function readU8 at /lib/ttf.c.