Filtered by vendor Swftools
Subscribe
Total
126 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-6271 | 1 Swftools | 1 Swftools | 2025-07-02 | 1.7 LOW | 3.3 LOW |
|
A vulnerability, which was classified as problematic, was found in swftools up to 0.9.2. This affects the function wav_convert2mono in the library lib/wav.c of the component wav2swf. The manipulation leads to out-of-bounds read. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.
|
|||||
| CVE-2024-22957 | 1 Swftools | 1 Swftools | 2025-06-20 | N/A | 5.5 MEDIUM |
|
swftools 0.9.2 was discovered to contain an Out-of-bounds Read vulnerability via the function dict_do_lookup in swftools/lib/q.c:1190.
|
|||||
| CVE-2024-22955 | 1 Swftools | 1 Swftools | 2025-06-20 | N/A | 7.8 HIGH |
|
swftools 0.9.2 was discovered to contain a stack-buffer-underflow vulnerability via the function parseExpression at swftools/src/swfc.c:2576.
|
|||||
| CVE-2024-22912 | 1 Swftools | 1 Swftools | 2025-06-17 | N/A | 7.8 HIGH |
|
A global-buffer-overflow was found in SWFTools v0.9.2, in the function countline at swf5compiler.flex:327. It allows an attacker to cause code execution.
|
|||||
| CVE-2024-22562 | 1 Swftools | 1 Swftools | 2025-06-16 | N/A | 7.8 HIGH |
|
swftools 0.9.2 was discovered to contain a Stack Buffer Underflow via the function dict_foreach_keyvalue at swftools/lib/q.c.
|
|||||
| CVE-2024-28458 | 1 Swftools | 1 Swftools | 2025-06-10 | N/A | 7.5 HIGH |
|
Null Pointer Dereference vulnerability in swfdump in swftools 0.9.2 allows attackers to crash the appliation via the function compileSWFActionCode in action/actioncompiler.c.
|
|||||
| CVE-2024-22919 | 1 Swftools | 1 Swftools | 2025-06-05 | N/A | 7.8 HIGH |
|
swftools0.9.2 was discovered to contain a global-buffer-overflow vulnerability via the function parseExpression at swftools/src/swfc.c:2587.
|
|||||
| CVE-2024-22911 | 1 Swftools | 1 Swftools | 2025-06-05 | N/A | 7.8 HIGH |
|
A stack-buffer-underflow vulnerability was found in SWFTools v0.9.2, in the function parseExpression at src/swfc.c:2602.
|
|||||
| CVE-2023-37644 | 1 Swftools | 1 Swftools | 2025-06-03 | N/A | 5.5 MEDIUM |
|
SWFTools 0.9.2 772e55a allows attackers to trigger a large memory-allocation attempt via a crafted document, as demonstrated by pdf2swf. This occurs in png_read_chunk in lib/png.c.
|
|||||
| CVE-2024-22956 | 1 Swftools | 1 Swftools | 2025-05-30 | N/A | 7.8 HIGH |
|
swftools 0.9.2 was discovered to contain a heap-use-after-free vulnerability via the function removeFromTo at swftools/src/swfc.c:838
|
|||||
| CVE-2024-22915 | 1 Swftools | 1 Swftools | 2025-05-30 | N/A | 7.8 HIGH |
|
A heap-use-after-free was found in SWFTools v0.9.2, in the function swf_DeleteTag at rfxswf.c:1193. It allows an attacker to cause code execution.
|
|||||
| CVE-2024-22913 | 1 Swftools | 1 Swftools | 2025-05-30 | N/A | 7.8 HIGH |
|
A heap-buffer-overflow was found in SWFTools v0.9.2, in the function swf5lex at lex.swf5.c:1321. It allows an attacker to cause code execution.
|
|||||
| CVE-2022-40009 | 1 Swftools | 1 Swftools | 2025-05-28 | N/A | 9.8 CRITICAL |
|
SWFTools commit 772e55a was discovered to contain a heap-use-after-free via the function grow_unicode at /lib/ttf.c.
|
|||||
| CVE-2022-40008 | 1 Swftools | 1 Swftools | 2025-05-28 | N/A | 9.8 CRITICAL |
|
SWFTools commit 772e55a was discovered to contain a heap-buffer overflow via the function readU8 at /lib/ttf.c.
|
|||||
| CVE-2022-35090 | 1 Swftools | 1 Swftools | 2025-05-28 | N/A | 5.5 MEDIUM |
|
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via __asan_memcpy at /asan/asan_interceptors_memintrinsics.cpp:.
|
|||||
| CVE-2022-35089 | 1 Swftools | 1 Swftools | 2025-05-28 | N/A | 5.5 MEDIUM |
|
SWFTools commit 772e55a2 was discovered to contain a heap-buffer-overflow via getTransparentColor at /home/bupt/Desktop/swftools/src/gif2swf.
|
|||||
| CVE-2022-35088 | 1 Swftools | 1 Swftools | 2025-05-28 | N/A | 5.5 MEDIUM |
|
SWFTools commit 772e55a2 was discovered to contain a heap buffer-overflow via getGifDelayTime at /home/bupt/Desktop/swftools/src/src/gif2swf.c.
|
|||||
| CVE-2022-35087 | 1 Swftools | 1 Swftools | 2025-05-28 | N/A | 5.5 MEDIUM |
|
SWFTools commit 772e55a2 was discovered to contain a segmentation violation via MovieAddFrame at /src/gif2swf.c.
|
|||||
| CVE-2022-35086 | 1 Swftools | 1 Swftools | 2025-05-28 | N/A | 5.5 MEDIUM |
|
SWFTools commit 772e55a2 was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S.
|
|||||
| CVE-2022-35085 | 1 Swftools | 1 Swftools | 2025-05-27 | N/A | 5.5 MEDIUM |
|
SWFTools commit 772e55a2 was discovered to contain a memory leak via /lib/mem.c.
|
|||||
| CVE-2022-35096 | 1 Swftools | 1 Swftools | 2025-05-23 | N/A | 5.5 MEDIUM |
|
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via draw_stroke at /gfxpoly/stroke.c.
|
|||||
| CVE-2022-35095 | 1 Swftools | 1 Swftools | 2025-05-23 | N/A | 5.5 MEDIUM |
|
SWFTools commit 772e55a2 was discovered to contain a segmentation violation via InfoOutputDev::type3D1 at /pdf/InfoOutputDev.cc.
|
|||||
| CVE-2022-35094 | 1 Swftools | 1 Swftools | 2025-05-23 | N/A | 5.5 MEDIUM |
|
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via DCTStream::readHuffSym(DCTHuffTable*) at /xpdf/Stream.cc.
|
|||||
| CVE-2022-35093 | 1 Swftools | 1 Swftools | 2025-05-23 | N/A | 5.5 MEDIUM |
|
SWFTools commit 772e55a2 was discovered to contain a global buffer overflow via DCTStream::transformDataUnit at /xpdf/Stream.cc.
|
|||||
| CVE-2022-35097 | 1 Swftools | 1 Swftools | 2025-05-22 | N/A | 5.5 MEDIUM |
|
SWFTools commit 772e55a2 was discovered to contain a segmentation violation via FoFiTrueType::writeTTF at /xpdf/FoFiTrueType.cc.
|
|||||
| CVE-2022-35092 | 1 Swftools | 1 Swftools | 2025-05-22 | N/A | 5.5 MEDIUM |
|
SWFTools commit 772e55a2 was discovered to contain a segmentation violation via convert_gfxline at /gfxpoly/convert.c.
|
|||||
| CVE-2022-35091 | 1 Swftools | 1 Swftools | 2025-05-22 | N/A | 5.5 MEDIUM |
|
SWFTools commit 772e55a2 was discovered to contain a floating point exception (FPE) via DCTStream::readMCURow() at /xpdf/Stream.cc.ow()
|
|||||
| CVE-2022-35099 | 1 Swftools | 1 Swftools | 2025-05-22 | N/A | 5.5 MEDIUM |
|
SWFTools commit 772e55a2 was discovered to contain a stack overflow via ImageStream::getPixel(unsigned char*) at /xpdf/Stream.cc.
|
|||||
| CVE-2022-35098 | 1 Swftools | 1 Swftools | 2025-05-22 | N/A | 5.5 MEDIUM |
|
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via GfxICCBasedColorSpace::getDefaultColor(GfxColor*) at /xpdf/GfxState.cc.
|
|||||
| CVE-2022-35081 | 1 Swftools | 1 Swftools | 2025-05-15 | N/A | 5.5 MEDIUM |
|
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via png_read_header at /src/png2swf.c.
|
|||||
| CVE-2022-35080 | 1 Swftools | 1 Swftools | 2025-05-15 | N/A | 5.5 MEDIUM |
|
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via png_load at /lib/png.c.
|
|||||
| CVE-2024-25165 | 1 Swftools | 1 Swftools | 2025-05-05 | N/A | 7.8 HIGH |
|
A global-buffer-overflow vulnerability was found in SWFTools v0.9.2, in the function LineText at lib/swf5compiler.flex.
|
|||||
| CVE-2017-9926 | 2 Microsoft, Swftools | 2 Windows, Swftools | 2025-04-20 | 6.8 MEDIUM | 8.8 HIGH |
|
In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted file, related to a "Read Access Violation starting at image00000000_00400000+0x000000000001b596."
|
|||||
| CVE-2017-1000174 | 1 Swftools | 1 Swftools | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
|
In SWFTools, an address access exception was found in swfdump swf_GetBits().
|
|||||
| CVE-2017-9924 | 2 Microsoft, Swftools | 2 Windows, Swftools | 2025-04-20 | 6.8 MEDIUM | 8.8 HIGH |
|
In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote attackers to execute arbitrary code or cause a denial of service via a crafted file, related to a "User Mode Write AV starting at image00000000_00400000+0x000000000001b72a."
|
|||||
| CVE-2017-16793 | 1 Swftools | 1 Swftools | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
|
The wav_convert2mono function in lib/wav.c in SWFTools 0.9.2 does not properly validate WAV data, which allows remote attackers to cause a denial of service (incorrect malloc and heap-based buffer overflow) or possibly have unspecified other impact via a crafted file.
|
|||||
| CVE-2017-16711 | 1 Swftools | 1 Swftools | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
|
The swf_DefineLosslessBitsTagToImage function in lib/modules/swfbits.c in SWFTools 0.9.2 mishandles an uncompress failure, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) because of extractDefinitions in lib/readers/swf.c and fill_line_bitmap in lib/devices/render.c, as demonstrated by swfrender.
|
|||||
| CVE-2017-1000185 | 1 Swftools | 1 Swftools | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
|
In SWFTools, a memcpy buffer overflow was found in gif2swf.
|
|||||
| CVE-2017-7698 | 1 Swftools | 1 Swftools | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
|
A Use After Free in the pdf2swf part of swftools 0.9.2 and earlier allows remote attackers to execute arbitrary code via a malformed PDF document, possibly a consequence of an error in Gfx.cc in Xpdf 3.02.
|
|||||
| CVE-2017-10976 | 1 Swftools | 1 Swftools | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
|
When SWFTools 0.9.2 processes a crafted file in ttftool, it can lead to a heap-based buffer over-read in the readBlock() function in lib/ttf.c.
|
|||||