Swftools Swftools

Do you want an email whenever new security vulnerabilities are reported in Swftools?

By the Year

In 2024 there have been 12 vulnerabilities in Swftools with an average score of 7.2 out of ten. Last year Swftools had 4 security vulnerabilities published. That is, 8 more vulnerabilities have already been reported in 2024 as compared to last year. However, the average CVE base score of the vulnerabilities in 2024 is greater by 1.15.

Year Vulnerabilities Average Score
2024 12 7.23
2023 4 6.08
2022 41 6.07
2021 32 6.15
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Swftools vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Swftools Security Vulnerabilities

swftools 0.9.2 was discovered to contain an Out-of-bounds Read vulnerability

CVE-2024-22957 5.5 - Medium - January 19, 2024

swftools 0.9.2 was discovered to contain an Out-of-bounds Read vulnerability via the function dict_do_lookup in swftools/lib/q.c:1190.

Out-of-bounds Read

swftools 0.9.2 was discovered to contain a heap-use-after-free vulnerability

CVE-2024-22956 7.8 - High - January 19, 2024

swftools 0.9.2 was discovered to contain a heap-use-after-free vulnerability via the function removeFromTo at swftools/src/swfc.c:838

Dangling pointer

A stack-buffer-underflow vulnerability was found in SWFTools v0.9.2

CVE-2024-22911 7.8 - High - January 19, 2024

A stack-buffer-underflow vulnerability was found in SWFTools v0.9.2, in the function parseExpression at src/swfc.c:2602.

Memory Corruption

A global-buffer-overflow was found in SWFTools v0.9.2, in the function countline at swf5compiler.flex:327

CVE-2024-22912 7.8 - High - January 19, 2024

A global-buffer-overflow was found in SWFTools v0.9.2, in the function countline at swf5compiler.flex:327. It allows an attacker to cause code execution.

Classic Buffer Overflow

A heap-buffer-overflow was found in SWFTools v0.9.2, in the function swf5lex at lex.swf5.c:1321

CVE-2024-22913 7.8 - High - January 19, 2024

A heap-buffer-overflow was found in SWFTools v0.9.2, in the function swf5lex at lex.swf5.c:1321. It allows an attacker to cause code execution.

Memory Corruption

A heap-use-after-free was found in SWFTools v0.9.2, in the function input at lex.swf5.c:2620

CVE-2024-22914 5.5 - Medium - January 19, 2024

A heap-use-after-free was found in SWFTools v0.9.2, in the function input at lex.swf5.c:2620. It allows an attacker to cause denial of service.

Dangling pointer

A heap-use-after-free was found in SWFTools v0.9.2, in the function swf_DeleteTag at rfxswf.c:1193

CVE-2024-22915 7.8 - High - January 19, 2024

A heap-use-after-free was found in SWFTools v0.9.2, in the function swf_DeleteTag at rfxswf.c:1193. It allows an attacker to cause code execution.

Dangling pointer

swftools0.9.2 was discovered to contain a global-buffer-overflow vulnerability

CVE-2024-22919 7.8 - High - January 19, 2024

swftools0.9.2 was discovered to contain a global-buffer-overflow vulnerability via the function parseExpression at swftools/src/swfc.c:2587.

Classic Buffer Overflow

swftools 0.9.2 was discovered to contain a stack-buffer-underflow vulnerability

CVE-2024-22955 7.8 - High - January 19, 2024

swftools 0.9.2 was discovered to contain a stack-buffer-underflow vulnerability via the function parseExpression at swftools/src/swfc.c:2576.

Memory Corruption

swftools 0.9.2 was discovered to contain a Stack Buffer Underflow

CVE-2024-22562 7.8 - High - January 19, 2024

swftools 0.9.2 was discovered to contain a Stack Buffer Underflow via the function dict_foreach_keyvalue at swftools/lib/q.c.

Memory Corruption

swftools 0.9.2 was discovered to contain a heap-use-after-free

CVE-2024-22920 7.8 - High - January 19, 2024

swftools 0.9.2 was discovered to contain a heap-use-after-free via the function bufferWriteData in swftools/lib/action/compile.c.

Dangling pointer

SWFTools 0.9.2 772e55a allows attackers to trigger a large memory-allocation attempt via a crafted document, as demonstrated by pdf2swf

CVE-2023-37644 5.5 - Medium - January 11, 2024

SWFTools 0.9.2 772e55a allows attackers to trigger a large memory-allocation attempt via a crafted document, as demonstrated by pdf2swf. This occurs in png_read_chunk in lib/png.c.

Memory Corruption

swfrender v0.9.2 was discovered to contain a heap buffer overflow in the function enumerateUsedIDs_fillstyle at modules/swftools.c

CVE-2023-29950 5.5 - Medium - April 27, 2023

swfrender v0.9.2 was discovered to contain a heap buffer overflow in the function enumerateUsedIDs_fillstyle at modules/swftools.c

Memory Corruption

SWFTools v0.9.2 was discovered to contain a stack-use-after-scope in the swf_ReadSWF2 function in lib/rfxswf.c.

CVE-2023-26991 7.8 - High - April 04, 2023

SWFTools v0.9.2 was discovered to contain a stack-use-after-scope in the swf_ReadSWF2 function in lib/rfxswf.c.

Dangling pointer

swfdump v0.9.2 was discovered to contain a heap buffer overflow in the function swf_GetPlaceObject at swfobject.c.

CVE-2023-27249 5.5 - Medium - March 23, 2023

swfdump v0.9.2 was discovered to contain a heap buffer overflow in the function swf_GetPlaceObject at swfobject.c.

Memory Corruption

ttftool v0.9.2 was discovered to contain a segmentation violation

CVE-2022-46440 5.5 - Medium - February 24, 2023

ttftool v0.9.2 was discovered to contain a segmentation violation via the readU16 function at ttf.c.

SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow

CVE-2022-35081 5.5 - Medium - October 13, 2022

SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via png_read_header at /src/png2swf.c.

Memory Corruption

SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow

CVE-2022-35080 5.5 - Medium - October 13, 2022

SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via png_load at /lib/png.c.

Memory Corruption

SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow

CVE-2022-35094 5.5 - Medium - September 23, 2022

SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via DCTStream::readHuffSym(DCTHuffTable*) at /xpdf/Stream.cc.

Memory Corruption

SWFTools commit 772e55a2 was discovered to contain a stack overflow

CVE-2022-35099 5.5 - Medium - September 23, 2022

SWFTools commit 772e55a2 was discovered to contain a stack overflow via ImageStream::getPixel(unsigned char*) at /xpdf/Stream.cc.

Memory Corruption

SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow

CVE-2022-35098 5.5 - Medium - September 23, 2022

SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via GfxICCBasedColorSpace::getDefaultColor(GfxColor*) at /xpdf/GfxState.cc.

Memory Corruption

SWFTools commit 772e55a2 was discovered to contain a segmentation violation

CVE-2022-35097 5.5 - Medium - September 23, 2022

SWFTools commit 772e55a2 was discovered to contain a segmentation violation via FoFiTrueType::writeTTF at /xpdf/FoFiTrueType.cc.

Memory Corruption

SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow

CVE-2022-35096 5.5 - Medium - September 23, 2022

SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via draw_stroke at /gfxpoly/stroke.c.

Memory Corruption

SWFTools commit 772e55a2 was discovered to contain a segmentation violation

CVE-2022-35095 5.5 - Medium - September 23, 2022

SWFTools commit 772e55a2 was discovered to contain a segmentation violation via InfoOutputDev::type3D1 at /pdf/InfoOutputDev.cc.

Memory Corruption

SWFTools commit 772e55a2 was discovered to contain a global buffer overflow

CVE-2022-35093 5.5 - Medium - September 23, 2022

SWFTools commit 772e55a2 was discovered to contain a global buffer overflow via DCTStream::transformDataUnit at /xpdf/Stream.cc.

Memory Corruption

SWFTools commit 772e55a2 was discovered to contain a segmentation violation

CVE-2022-35092 5.5 - Medium - September 23, 2022

SWFTools commit 772e55a2 was discovered to contain a segmentation violation via convert_gfxline at /gfxpoly/convert.c.

Memory Corruption

SWFTools commit 772e55a2 was discovered to contain a floating point exception (FPE)

CVE-2022-35091 5.5 - Medium - September 23, 2022

SWFTools commit 772e55a2 was discovered to contain a floating point exception (FPE) via DCTStream::readMCURow() at /xpdf/Stream.cc.ow()

Incorrect Comparison

SWFTools commit 772e55a2 was discovered to contain a heap buffer-overflow

CVE-2022-35088 5.5 - Medium - September 21, 2022

SWFTools commit 772e55a2 was discovered to contain a heap buffer-overflow via getGifDelayTime at /home/bupt/Desktop/swftools/src/src/gif2swf.c.

Memory Corruption

SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow

CVE-2022-35090 5.5 - Medium - September 21, 2022

SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via __asan_memcpy at /asan/asan_interceptors_memintrinsics.cpp:.

Memory Corruption

SWFTools commit 772e55a2 was discovered to contain a heap-buffer-overflow

CVE-2022-35089 5.5 - Medium - September 21, 2022

SWFTools commit 772e55a2 was discovered to contain a heap-buffer-overflow via getTransparentColor at /home/bupt/Desktop/swftools/src/gif2swf.

Allocation of Resources Without Limits or Throttling

SWFTools commit 772e55a2 was discovered to contain a segmentation violation

CVE-2022-35087 5.5 - Medium - September 21, 2022

SWFTools commit 772e55a2 was discovered to contain a segmentation violation via MovieAddFrame at /src/gif2swf.c.

Out-of-bounds Read

SWFTools commit 772e55a2 was discovered to contain a segmentation violation

CVE-2022-35086 5.5 - Medium - September 21, 2022

SWFTools commit 772e55a2 was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S.

Memory Corruption

SWFTools commit 772e55a2 was discovered to contain a memory leak

CVE-2022-35085 5.5 - Medium - September 21, 2022

SWFTools commit 772e55a2 was discovered to contain a memory leak via /lib/mem.c.

Memory Leak

SWFTools commit 772e55a was discovered to contain a heap-buffer overflow

CVE-2022-40008 9.8 - Critical - September 20, 2022

SWFTools commit 772e55a was discovered to contain a heap-buffer overflow via the function readU8 at /lib/ttf.c.

Memory Corruption

SWFTools commit 772e55a was discovered to contain a heap-use-after-free

CVE-2022-40009 9.8 - Critical - September 20, 2022

SWFTools commit 772e55a was discovered to contain a heap-use-after-free via the function grow_unicode at /lib/ttf.c.

Dangling pointer

SWFTools commit 772e55a2 was discovered to contain a stack overflow

CVE-2022-35111 5.5 - Medium - August 16, 2022

SWFTools commit 772e55a2 was discovered to contain a stack overflow via __sanitizer::StackDepotNode::hash(__sanitizer::StackTrace const&) at /sanitizer_common/sanitizer_stackdepot.cpp.

Allocation of Resources Without Limits or Throttling

SWFTools commit 772e55a2 was discovered to contain a memory leak

CVE-2022-35110 5.5 - Medium - August 16, 2022

SWFTools commit 772e55a2 was discovered to contain a memory leak via /lib/mem.c.

Memory Leak

SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow

CVE-2022-35109 5.5 - Medium - August 16, 2022

SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via draw_stroke at /gfxpoly/stroke.c.

Memory Corruption

SWFTools commit 772e55a2 was discovered to contain a segmentation violation

CVE-2022-35108 5.5 - Medium - August 16, 2022

SWFTools commit 772e55a2 was discovered to contain a segmentation violation via DCTStream::getChar() at /xpdf/Stream.cc.

NULL Pointer Dereference

SWFTools commit 772e55a2 was discovered to contain a stack overflow

CVE-2022-35107 5.5 - Medium - August 16, 2022

SWFTools commit 772e55a2 was discovered to contain a stack overflow via vfprintf at /stdio-common/vfprintf.c.

Allocation of Resources Without Limits or Throttling

SWFTools commit 772e55a2 was discovered to contain a segmentation violation

CVE-2022-35106 5.5 - Medium - August 16, 2022

SWFTools commit 772e55a2 was discovered to contain a segmentation violation via FoFiTrueType::computeTableChecksum(unsigned char*, int) at /xpdf/FoFiTrueType.cc.

Out-of-bounds Read

SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow

CVE-2022-35105 5.5 - Medium - August 16, 2022

SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via /bin/png2swf+0x552cea.

Memory Corruption

SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow

CVE-2022-35104 5.5 - Medium - August 16, 2022

SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via DCTStream::reset() at /xpdf/Stream.cc.

Memory Corruption

SWFTools commit 772e55a2 was discovered to contain a segmentation violation

CVE-2022-35101 5.5 - Medium - August 16, 2022

SWFTools commit 772e55a2 was discovered to contain a segmentation violation via /multiarch/memset-vec-unaligned-erms.S.

Memory Corruption

SWFTools commit 772e55a2 was discovered to contain a segmentation violation

CVE-2022-35100 6.5 - Medium - August 16, 2022

SWFTools commit 772e55a2 was discovered to contain a segmentation violation via gfxline_getbbox at /lib/gfxtools.c.

Out-of-bounds Read

SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow

CVE-2022-35113 5.5 - Medium - August 16, 2022

SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via swf_DefineLosslessBitsTagToImage at /modules/swfbits.c.

Memory Corruption

SWFTools commit 772e55a2 was discovered to contain a segmentation violation

CVE-2022-35114 5.5 - Medium - August 16, 2022

SWFTools commit 772e55a2 was discovered to contain a segmentation violation via extractFrame at /readers/swf.c.

Out-of-bounds Read

An issue was discovered in swftools through 20201222

CVE-2021-42202 5.5 - Medium - June 02, 2022

An issue was discovered in swftools through 20201222. A NULL pointer dereference exists in the function swf_DeleteFilter() located in swffilter.c. It allows an attacker to cause Denial of Service.

NULL Pointer Dereference

An issue was discovered in swftools through 20201222

CVE-2021-42204 7.8 - High - June 02, 2022

An issue was discovered in swftools through 20201222. A heap-buffer-overflow exists in the function swf_GetBits() located in rfxswf.c. It allows an attacker to cause code execution.

Memory Corruption

An issue was discovered in swftools through 20201222

CVE-2021-42203 7.8 - High - June 02, 2022

An issue was discovered in swftools through 20201222. A heap-use-after-free exists in the function swf_FontExtract_DefineTextCallback() located in swftext.c. It allows an attacker to cause code execution.

Dangling pointer

An issue was discovered in swftools through 20201222

CVE-2021-42201 7.8 - High - June 02, 2022

An issue was discovered in swftools through 20201222. A heap-buffer-overflow exists in the function swf_GetD64() located in rfxswf.c. It allows an attacker to cause code execution.

Memory Corruption

An issue was discovered in swftools through 20201222

CVE-2021-42200 5.5 - Medium - June 02, 2022

An issue was discovered in swftools through 20201222. A NULL pointer dereference exists in the function main() located in swfdump.c. It allows an attacker to cause Denial of Service.

NULL Pointer Dereference

An issue was discovered in swftools through 20201222

CVE-2021-42199 7.8 - High - June 02, 2022

An issue was discovered in swftools through 20201222. A heap buffer overflow exists in the function swf_FontExtract_DefineTextCallback() located in swftext.c. It allows an attacker to cause code execution.

Memory Corruption

An issue was discovered in swftools through 20201222

CVE-2021-42198 5.5 - Medium - June 02, 2022

An issue was discovered in swftools through 20201222. A NULL pointer dereference exists in the function swf_GetBits() located in rfxswf.c. It allows an attacker to cause Denial of Service.

NULL Pointer Dereference

An issue was discovered in swftools through 20201222 through a memory leak in the swftools when swfdump is used

CVE-2021-42197 7.8 - High - June 02, 2022

An issue was discovered in swftools through 20201222 through a memory leak in the swftools when swfdump is used. It allows an attacker to cause code execution.

Memory Leak

An issue was discovered in swftools through 20201222

CVE-2021-42196 5.5 - Medium - June 02, 2022

An issue was discovered in swftools through 20201222. A NULL pointer dereference exists in the function traits_parse() located in abc.c. It allows an attacker to cause Denial of Service.

NULL Pointer Dereference

An issue was discovered in swftools through 20201222

CVE-2021-42195 7.8 - High - June 02, 2022

An issue was discovered in swftools through 20201222. A heap-buffer-overflow exists in the function handleEditText() located in swfdump.c. It allows an attacker to cause code Execution.

Memory Corruption

An issue was discovered in swftools through 20200710

CVE-2021-39582 7.8 - High - September 20, 2021

An issue was discovered in swftools through 20200710. A heap-buffer-overflow exists in the function swf_GetPlaceObject() located in swfobject.c. It allows an attacker to cause code Execution.

Memory Corruption

An issue was discovered in swftools through 20200710

CVE-2021-39597 5.5 - Medium - September 20, 2021

An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function code_dump2() located in code.c. It allows an attacker to cause Denial of Service.

NULL Pointer Dereference

An issue was discovered in swftools through 20200710

CVE-2021-39583 5.5 - Medium - September 20, 2021

An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function pool_lookup_string2() located in pool.c. It allows an attacker to cause Denial of Service.

NULL Pointer Dereference

An issue was discovered in swftools through 20200710

CVE-2021-39584 5.5 - Medium - September 20, 2021

An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function namespace_set_hash() located in pool.c. It allows an attacker to cause Denial of Service.

NULL Pointer Dereference

An issue was discovered in swftools through 20200710

CVE-2021-39585 5.5 - Medium - September 20, 2021

An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function traits_dump() located in abc.c. It allows an attacker to cause Denial of Service.

NULL Pointer Dereference

An issue was discovered in swftools through 20200710

CVE-2021-39587 5.5 - Medium - September 20, 2021

An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function swf_DumpABC() located in abc.c. It allows an attacker to cause Denial of Service.

NULL Pointer Dereference

An issue was discovered in swftools through 20200710

CVE-2021-39588 5.5 - Medium - September 20, 2021

An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function swf_ReadABC() located in abc.c. It allows an attacker to cause Denial of Service.

NULL Pointer Dereference

An issue was discovered in swftools through 20200710

CVE-2021-39589 5.5 - Medium - September 20, 2021

An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function parse_metadata() located in abc.c. It allows an attacker to cause Denial of Service.

NULL Pointer Dereference

An issue was discovered in swftools through 20200710

CVE-2021-39590 5.5 - Medium - September 20, 2021

An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function params_dump() located in abc.c. It allows an attacker to cause Denial of Service.

NULL Pointer Dereference

An issue was discovered in swftools through 20200710

CVE-2021-39591 5.5 - Medium - September 20, 2021

An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function swf_GetShapeBoundingBox() located in swfshape.c. It allows an attacker to cause Denial of Service.

NULL Pointer Dereference

An issue was discovered in swftools through 20200710

CVE-2021-39592 5.5 - Medium - September 20, 2021

An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function pool_lookup_uint() located in pool.c. It allows an attacker to cause Denial of Service.

NULL Pointer Dereference

An issue was discovered in swftools through 20200710

CVE-2021-39593 5.5 - Medium - September 20, 2021

An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function swf_FontExtract_DefineFontInfo() located in swftext.c. It allows an attacker to cause Denial of Service.

NULL Pointer Dereference

Other An issue was discovered in swftools through 20200710

CVE-2021-39594 5.5 - Medium - September 20, 2021

Other An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function updateusage() located in swftext.c. It allows an attacker to cause Denial of Service.

NULL Pointer Dereference

An issue was discovered in swftools through 20200710

CVE-2021-39595 7.8 - High - September 20, 2021

An issue was discovered in swftools through 20200710. A stack-buffer-overflow exists in the function rfx_alloc() located in mem.c. It allows an attacker to cause code Execution.

Memory Corruption

An issue was discovered in swftools through 20200710

CVE-2021-39596 5.5 - Medium - September 20, 2021

An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function code_parse() located in code.c. It allows an attacker to cause Denial of Service.

NULL Pointer Dereference

An issue was discovered in swftools through 20200710

CVE-2021-39598 5.5 - Medium - September 20, 2021

An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function callcode() located in code.c. It allows an attacker to cause Denial of Service.

NULL Pointer Dereference

An issue was discovered in swftools through 20200710

CVE-2021-39579 7.8 - High - September 20, 2021

An issue was discovered in swftools through 20200710. A heap-buffer-overflow exists in the function string_hash() located in q.c. It allows an attacker to cause code Execution.

Memory Corruption

An issue was discovered in swftools through 20200710

CVE-2021-39577 7.8 - High - September 20, 2021

An issue was discovered in swftools through 20200710. A heap-buffer-overflow exists in the function main() located in swfdump.c. It allows an attacker to cause code Execution.

Memory Corruption

An issue was discovered in swftools through 20200710

CVE-2021-39575 5.5 - Medium - September 20, 2021

An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function dump_method() located in abc.c. It allows an attacker to cause Denial of Service.

NULL Pointer Dereference

An issue was discovered in swftools through 20200710

CVE-2021-39574 7.8 - High - September 20, 2021

An issue was discovered in swftools through 20200710. A heap-buffer-overflow exists in the function pool_read() located in pool.c. It allows an attacker to cause code Execution.

Memory Corruption

An issue was discovered in swftools through 20200710

CVE-2021-39569 7.8 - High - September 20, 2021

An issue was discovered in swftools through 20200710. A heap-buffer-overflow exists in the function OpAdvance() located in swfaction.c. It allows an attacker to cause code Execution.

Memory Corruption

An issue was discovered in swftools through 20200710

CVE-2021-39564 7.8 - High - September 20, 2021

An issue was discovered in swftools through 20200710. A heap-buffer-overflow exists in the function swf_DumpActions() located in swfaction.c. It allows an attacker to cause code Execution.

Memory Corruption

An issue was discovered in swftools through 20200710

CVE-2021-39563 5.5 - Medium - September 20, 2021

An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function swf_DumpActions() located in swfaction.c. It allows an attacker to cause Denial of Service.

NULL Pointer Dereference

An issue was discovered in swftools through 20200710

CVE-2021-39562 5.5 - Medium - September 20, 2021

An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function FileStream::makeSubStream() located in Stream.cc. It allows an attacker to cause Denial of Service.

NULL Pointer Dereference

An issue was discovered in swftools through 20200710

CVE-2021-39561 7.8 - High - September 20, 2021

An issue was discovered in swftools through 20200710. A stack-buffer-overflow exists in the function Gfx::opSetFillColorN() located in Gfx.cc. It allows an attacker to cause code Execution.

Memory Corruption

An issue was discovered in swftools through 20200710

CVE-2021-39559 5.5 - Medium - September 20, 2021

An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function GString::~GString() located in GString.cc. It allows an attacker to cause Denial of Service.

NULL Pointer Dereference

An issue was discovered in swftools through 20200710

CVE-2021-39558 7.8 - High - September 20, 2021

An issue was discovered in swftools through 20200710. A stack-buffer-overflow exists in the function VectorGraphicOutputDev::drawGeneralImage() located in VectorGraphicOutputDev.cc. It allows an attacker to cause code Execution.

Memory Corruption

An issue was discovered in swftools through 20200710

CVE-2021-39557 5.5 - Medium - September 20, 2021

An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function copyString() located in gmem.cc. It allows an attacker to cause Denial of Service.

NULL Pointer Dereference

An issue was discovered in swftools through 20200710

CVE-2021-39556 5.5 - Medium - September 20, 2021

An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function InfoOutputDev::type3D1() located in InfoOutputDev.cc. It allows an attacker to cause Denial of Service.

NULL Pointer Dereference

An issue was discovered in swftools through 20200710

CVE-2021-39555 5.5 - Medium - September 20, 2021

An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function InfoOutputDev::type3D0() located in InfoOutputDev.cc. It allows an attacker to cause Denial of Service.

NULL Pointer Dereference

An issue was discovered in swftools through 20200710

CVE-2021-39554 5.5 - Medium - September 20, 2021

An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function Lexer::Lexer() located in Lexer.cc. It allows an attacker to cause Denial of Service.

NULL Pointer Dereference

An issue was discovered in swftools through 20200710

CVE-2021-39553 5.5 - Medium - September 20, 2021

An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function grealloc() located in gmem.cc. It allows an attacker to cause Denial of Service.

NULL Pointer Dereference

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Swftools or by Swftools? Click the Watch button to subscribe.

Swftools
Vendor

Swftools
Product

subscribe