Vulnerabilities (CVE)

Filtered by vendor Swftools Subscribe
Total 118 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-39562 1 Swftools 1 Swftools 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function FileStream::makeSubStream() located in Stream.cc. It allows an attacker to cause Denial of Service.
CVE-2021-39561 1 Swftools 1 Swftools 2024-11-21 6.8 MEDIUM 7.8 HIGH
An issue was discovered in swftools through 20200710. A stack-buffer-overflow exists in the function Gfx::opSetFillColorN() located in Gfx.cc. It allows an attacker to cause code Execution.
CVE-2021-39559 1 Swftools 1 Swftools 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function GString::~GString() located in GString.cc. It allows an attacker to cause Denial of Service.
CVE-2021-39558 1 Swftools 1 Swftools 2024-11-21 6.8 MEDIUM 7.8 HIGH
An issue was discovered in swftools through 20200710. A stack-buffer-overflow exists in the function VectorGraphicOutputDev::drawGeneralImage() located in VectorGraphicOutputDev.cc. It allows an attacker to cause code Execution.
CVE-2021-39557 1 Swftools 1 Swftools 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function copyString() located in gmem.cc. It allows an attacker to cause Denial of Service.
CVE-2021-39556 1 Swftools 1 Swftools 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function InfoOutputDev::type3D1() located in InfoOutputDev.cc. It allows an attacker to cause Denial of Service.
CVE-2021-39555 1 Swftools 1 Swftools 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function InfoOutputDev::type3D0() located in InfoOutputDev.cc. It allows an attacker to cause Denial of Service.
CVE-2021-39554 1 Swftools 1 Swftools 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function Lexer::Lexer() located in Lexer.cc. It allows an attacker to cause Denial of Service.
CVE-2021-39553 1 Swftools 1 Swftools 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function grealloc() located in gmem.cc. It allows an attacker to cause Denial of Service.
CVE-2017-9927 2 Microsoft, Swftools 2 Windows, Swftools 2024-11-21 6.8 MEDIUM 8.8 HIGH
In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted file, related to a "Read Access Violation starting at image00000000_00400000+0x000000000001b5fe."
CVE-2017-9926 2 Microsoft, Swftools 2 Windows, Swftools 2024-11-21 6.8 MEDIUM 8.8 HIGH
In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted file, related to a "Read Access Violation starting at image00000000_00400000+0x000000000001b596."
CVE-2017-9925 2 Microsoft, Swftools 2 Windows, Swftools 2024-11-21 6.8 MEDIUM 8.8 HIGH
In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote attackers to execute arbitrary code or cause a denial of service via a crafted file, related to a "User Mode Write AV near NULL starting at wow64!Wow64NotifyDebugger+0x000000000000001d."
CVE-2017-9924 2 Microsoft, Swftools 2 Windows, Swftools 2024-11-21 6.8 MEDIUM 8.8 HIGH
In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote attackers to execute arbitrary code or cause a denial of service via a crafted file, related to a "User Mode Write AV starting at image00000000_00400000+0x000000000001b72a."
CVE-2017-8420 2 Microsoft, Swftools 2 Windows, Swftools 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
SWFTools 2013-04-09-1007 on Windows has a "Data from Faulting Address controls Branch Selection starting at image00000000_00400000+0x0000000000003e71" issue. This issue can be triggered by a malformed TTF file that is mishandled by font2swf. Attackers could exploit this issue for DoS (Access Violation).
CVE-2017-8401 1 Swftools 1 Swftools 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
In SWFTools 0.9.2, an out-of-bounds read of heap data can occur in the function png_load() in lib/png.c:724. This issue can be triggered by a malformed PNG file that is mishandled by png2swf. Attackers could exploit this issue for DoS.
CVE-2017-8400 1 Swftools 1 Swftools 2024-11-21 6.8 MEDIUM 8.8 HIGH
In SWFTools 0.9.2, an out-of-bounds write of heap data can occur in the function png_load() in lib/png.c:755. This issue can be triggered by a malformed PNG file that is mishandled by png2swf. Attackers could exploit this issue for DoS; it might cause arbitrary code execution.
CVE-2017-7698 1 Swftools 1 Swftools 2024-11-21 6.8 MEDIUM 7.8 HIGH
A Use After Free in the pdf2swf part of swftools 0.9.2 and earlier allows remote attackers to execute arbitrary code via a malformed PDF document, possibly a consequence of an error in Gfx.cc in Xpdf 3.02.
CVE-2017-16890 1 Swftools 1 Swftools 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
SWFTools 0.9.2 has a divide-by-zero error in the wav_convert2mono function in lib/wav.c because the align value may be zero.
CVE-2017-16868 1 Swftools 1 Swftools 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
In SWFTools 0.9.2, the wav_convert2mono function in lib/wav.c does not properly restrict a multiplication within a malloc call, which allows remote attackers to cause a denial of service (integer overflow and NULL pointer dereference) via a crafted WAV file.
CVE-2017-16797 1 Swftools 1 Swftools 2024-11-21 6.8 MEDIUM 7.8 HIGH
In SWFTools 0.9.2, the png_load function in lib/png.c does not properly validate an alloclen_64 multiplication of width and height values, which allows remote attackers to cause a denial of service (integer overflow, heap-based buffer overflow, and application crash) or possibly have unspecified other impact via a crafted PNG file.