Swftools
By the Year
In 2024 there have been 12 vulnerabilities in Swftools with an average score of 7.2 out of ten. Last year Swftools had 4 security vulnerabilities published. That is, 8 more vulnerabilities have already been reported in 2024 as compared to last year. However, the average CVE base score of the vulnerabilities in 2024 is greater by 1.15.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 12 | 7.23 |
2023 | 4 | 6.08 |
2022 | 41 | 6.07 |
2021 | 32 | 6.15 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Swftools vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Swftools Security Vulnerabilities
swftools 0.9.2 was discovered to contain an Out-of-bounds Read vulnerability
CVE-2024-22957
5.5 - Medium
- January 19, 2024
swftools 0.9.2 was discovered to contain an Out-of-bounds Read vulnerability via the function dict_do_lookup in swftools/lib/q.c:1190.
Out-of-bounds Read
swftools 0.9.2 was discovered to contain a heap-use-after-free vulnerability
CVE-2024-22956
7.8 - High
- January 19, 2024
swftools 0.9.2 was discovered to contain a heap-use-after-free vulnerability via the function removeFromTo at swftools/src/swfc.c:838
Dangling pointer
A stack-buffer-underflow vulnerability was found in SWFTools v0.9.2
CVE-2024-22911
7.8 - High
- January 19, 2024
A stack-buffer-underflow vulnerability was found in SWFTools v0.9.2, in the function parseExpression at src/swfc.c:2602.
Memory Corruption
A global-buffer-overflow was found in SWFTools v0.9.2, in the function countline at swf5compiler.flex:327
CVE-2024-22912
7.8 - High
- January 19, 2024
A global-buffer-overflow was found in SWFTools v0.9.2, in the function countline at swf5compiler.flex:327. It allows an attacker to cause code execution.
Classic Buffer Overflow
A heap-buffer-overflow was found in SWFTools v0.9.2, in the function swf5lex at lex.swf5.c:1321
CVE-2024-22913
7.8 - High
- January 19, 2024
A heap-buffer-overflow was found in SWFTools v0.9.2, in the function swf5lex at lex.swf5.c:1321. It allows an attacker to cause code execution.
Memory Corruption
A heap-use-after-free was found in SWFTools v0.9.2, in the function input at lex.swf5.c:2620
CVE-2024-22914
5.5 - Medium
- January 19, 2024
A heap-use-after-free was found in SWFTools v0.9.2, in the function input at lex.swf5.c:2620. It allows an attacker to cause denial of service.
Dangling pointer
A heap-use-after-free was found in SWFTools v0.9.2, in the function swf_DeleteTag at rfxswf.c:1193
CVE-2024-22915
7.8 - High
- January 19, 2024
A heap-use-after-free was found in SWFTools v0.9.2, in the function swf_DeleteTag at rfxswf.c:1193. It allows an attacker to cause code execution.
Dangling pointer
swftools0.9.2 was discovered to contain a global-buffer-overflow vulnerability
CVE-2024-22919
7.8 - High
- January 19, 2024
swftools0.9.2 was discovered to contain a global-buffer-overflow vulnerability via the function parseExpression at swftools/src/swfc.c:2587.
Classic Buffer Overflow
swftools 0.9.2 was discovered to contain a stack-buffer-underflow vulnerability
CVE-2024-22955
7.8 - High
- January 19, 2024
swftools 0.9.2 was discovered to contain a stack-buffer-underflow vulnerability via the function parseExpression at swftools/src/swfc.c:2576.
Memory Corruption
swftools 0.9.2 was discovered to contain a Stack Buffer Underflow
CVE-2024-22562
7.8 - High
- January 19, 2024
swftools 0.9.2 was discovered to contain a Stack Buffer Underflow via the function dict_foreach_keyvalue at swftools/lib/q.c.
Memory Corruption
swftools 0.9.2 was discovered to contain a heap-use-after-free
CVE-2024-22920
7.8 - High
- January 19, 2024
swftools 0.9.2 was discovered to contain a heap-use-after-free via the function bufferWriteData in swftools/lib/action/compile.c.
Dangling pointer
SWFTools 0.9.2 772e55a allows attackers to trigger a large memory-allocation attempt via a crafted document, as demonstrated by pdf2swf
CVE-2023-37644
5.5 - Medium
- January 11, 2024
SWFTools 0.9.2 772e55a allows attackers to trigger a large memory-allocation attempt via a crafted document, as demonstrated by pdf2swf. This occurs in png_read_chunk in lib/png.c.
Memory Corruption
swfrender v0.9.2 was discovered to contain a heap buffer overflow in the function enumerateUsedIDs_fillstyle at modules/swftools.c
CVE-2023-29950
5.5 - Medium
- April 27, 2023
swfrender v0.9.2 was discovered to contain a heap buffer overflow in the function enumerateUsedIDs_fillstyle at modules/swftools.c
Memory Corruption
SWFTools v0.9.2 was discovered to contain a stack-use-after-scope in the swf_ReadSWF2 function in lib/rfxswf.c.
CVE-2023-26991
7.8 - High
- April 04, 2023
SWFTools v0.9.2 was discovered to contain a stack-use-after-scope in the swf_ReadSWF2 function in lib/rfxswf.c.
Dangling pointer
swfdump v0.9.2 was discovered to contain a heap buffer overflow in the function swf_GetPlaceObject at swfobject.c.
CVE-2023-27249
5.5 - Medium
- March 23, 2023
swfdump v0.9.2 was discovered to contain a heap buffer overflow in the function swf_GetPlaceObject at swfobject.c.
Memory Corruption
ttftool v0.9.2 was discovered to contain a segmentation violation
CVE-2022-46440
5.5 - Medium
- February 24, 2023
ttftool v0.9.2 was discovered to contain a segmentation violation via the readU16 function at ttf.c.
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow
CVE-2022-35081
5.5 - Medium
- October 13, 2022
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via png_read_header at /src/png2swf.c.
Memory Corruption
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow
CVE-2022-35080
5.5 - Medium
- October 13, 2022
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via png_load at /lib/png.c.
Memory Corruption
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow
CVE-2022-35094
5.5 - Medium
- September 23, 2022
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via DCTStream::readHuffSym(DCTHuffTable*) at /xpdf/Stream.cc.
Memory Corruption
SWFTools commit 772e55a2 was discovered to contain a stack overflow
CVE-2022-35099
5.5 - Medium
- September 23, 2022
SWFTools commit 772e55a2 was discovered to contain a stack overflow via ImageStream::getPixel(unsigned char*) at /xpdf/Stream.cc.
Memory Corruption
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow
CVE-2022-35098
5.5 - Medium
- September 23, 2022
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via GfxICCBasedColorSpace::getDefaultColor(GfxColor*) at /xpdf/GfxState.cc.
Memory Corruption
SWFTools commit 772e55a2 was discovered to contain a segmentation violation
CVE-2022-35097
5.5 - Medium
- September 23, 2022
SWFTools commit 772e55a2 was discovered to contain a segmentation violation via FoFiTrueType::writeTTF at /xpdf/FoFiTrueType.cc.
Memory Corruption
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow
CVE-2022-35096
5.5 - Medium
- September 23, 2022
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via draw_stroke at /gfxpoly/stroke.c.
Memory Corruption
SWFTools commit 772e55a2 was discovered to contain a segmentation violation
CVE-2022-35095
5.5 - Medium
- September 23, 2022
SWFTools commit 772e55a2 was discovered to contain a segmentation violation via InfoOutputDev::type3D1 at /pdf/InfoOutputDev.cc.
Memory Corruption
SWFTools commit 772e55a2 was discovered to contain a global buffer overflow
CVE-2022-35093
5.5 - Medium
- September 23, 2022
SWFTools commit 772e55a2 was discovered to contain a global buffer overflow via DCTStream::transformDataUnit at /xpdf/Stream.cc.
Memory Corruption
SWFTools commit 772e55a2 was discovered to contain a segmentation violation
CVE-2022-35092
5.5 - Medium
- September 23, 2022
SWFTools commit 772e55a2 was discovered to contain a segmentation violation via convert_gfxline at /gfxpoly/convert.c.
Memory Corruption
SWFTools commit 772e55a2 was discovered to contain a floating point exception (FPE)
CVE-2022-35091
5.5 - Medium
- September 23, 2022
SWFTools commit 772e55a2 was discovered to contain a floating point exception (FPE) via DCTStream::readMCURow() at /xpdf/Stream.cc.ow()
Incorrect Comparison
SWFTools commit 772e55a2 was discovered to contain a heap buffer-overflow
CVE-2022-35088
5.5 - Medium
- September 21, 2022
SWFTools commit 772e55a2 was discovered to contain a heap buffer-overflow via getGifDelayTime at /home/bupt/Desktop/swftools/src/src/gif2swf.c.
Memory Corruption
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow
CVE-2022-35090
5.5 - Medium
- September 21, 2022
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via __asan_memcpy at /asan/asan_interceptors_memintrinsics.cpp:.
Memory Corruption
SWFTools commit 772e55a2 was discovered to contain a heap-buffer-overflow
CVE-2022-35089
5.5 - Medium
- September 21, 2022
SWFTools commit 772e55a2 was discovered to contain a heap-buffer-overflow via getTransparentColor at /home/bupt/Desktop/swftools/src/gif2swf.
Allocation of Resources Without Limits or Throttling
SWFTools commit 772e55a2 was discovered to contain a segmentation violation
CVE-2022-35087
5.5 - Medium
- September 21, 2022
SWFTools commit 772e55a2 was discovered to contain a segmentation violation via MovieAddFrame at /src/gif2swf.c.
Out-of-bounds Read
SWFTools commit 772e55a2 was discovered to contain a segmentation violation
CVE-2022-35086
5.5 - Medium
- September 21, 2022
SWFTools commit 772e55a2 was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S.
Memory Corruption
SWFTools commit 772e55a2 was discovered to contain a memory leak
CVE-2022-35085
5.5 - Medium
- September 21, 2022
SWFTools commit 772e55a2 was discovered to contain a memory leak via /lib/mem.c.
Memory Leak
SWFTools commit 772e55a was discovered to contain a heap-buffer overflow
CVE-2022-40008
9.8 - Critical
- September 20, 2022
SWFTools commit 772e55a was discovered to contain a heap-buffer overflow via the function readU8 at /lib/ttf.c.
Memory Corruption
SWFTools commit 772e55a was discovered to contain a heap-use-after-free
CVE-2022-40009
9.8 - Critical
- September 20, 2022
SWFTools commit 772e55a was discovered to contain a heap-use-after-free via the function grow_unicode at /lib/ttf.c.
Dangling pointer
SWFTools commit 772e55a2 was discovered to contain a stack overflow
CVE-2022-35111
5.5 - Medium
- August 16, 2022
SWFTools commit 772e55a2 was discovered to contain a stack overflow via __sanitizer::StackDepotNode::hash(__sanitizer::StackTrace const&) at /sanitizer_common/sanitizer_stackdepot.cpp.
Allocation of Resources Without Limits or Throttling
SWFTools commit 772e55a2 was discovered to contain a memory leak
CVE-2022-35110
5.5 - Medium
- August 16, 2022
SWFTools commit 772e55a2 was discovered to contain a memory leak via /lib/mem.c.
Memory Leak
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow
CVE-2022-35109
5.5 - Medium
- August 16, 2022
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via draw_stroke at /gfxpoly/stroke.c.
Memory Corruption
SWFTools commit 772e55a2 was discovered to contain a segmentation violation
CVE-2022-35108
5.5 - Medium
- August 16, 2022
SWFTools commit 772e55a2 was discovered to contain a segmentation violation via DCTStream::getChar() at /xpdf/Stream.cc.
NULL Pointer Dereference
SWFTools commit 772e55a2 was discovered to contain a stack overflow
CVE-2022-35107
5.5 - Medium
- August 16, 2022
SWFTools commit 772e55a2 was discovered to contain a stack overflow via vfprintf at /stdio-common/vfprintf.c.
Allocation of Resources Without Limits or Throttling
SWFTools commit 772e55a2 was discovered to contain a segmentation violation
CVE-2022-35106
5.5 - Medium
- August 16, 2022
SWFTools commit 772e55a2 was discovered to contain a segmentation violation via FoFiTrueType::computeTableChecksum(unsigned char*, int) at /xpdf/FoFiTrueType.cc.
Out-of-bounds Read
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow
CVE-2022-35105
5.5 - Medium
- August 16, 2022
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via /bin/png2swf+0x552cea.
Memory Corruption
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow
CVE-2022-35104
5.5 - Medium
- August 16, 2022
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via DCTStream::reset() at /xpdf/Stream.cc.
Memory Corruption
SWFTools commit 772e55a2 was discovered to contain a segmentation violation
CVE-2022-35101
5.5 - Medium
- August 16, 2022
SWFTools commit 772e55a2 was discovered to contain a segmentation violation via /multiarch/memset-vec-unaligned-erms.S.
Memory Corruption
SWFTools commit 772e55a2 was discovered to contain a segmentation violation
CVE-2022-35100
6.5 - Medium
- August 16, 2022
SWFTools commit 772e55a2 was discovered to contain a segmentation violation via gfxline_getbbox at /lib/gfxtools.c.
Out-of-bounds Read
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow
CVE-2022-35113
5.5 - Medium
- August 16, 2022
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via swf_DefineLosslessBitsTagToImage at /modules/swfbits.c.
Memory Corruption
SWFTools commit 772e55a2 was discovered to contain a segmentation violation
CVE-2022-35114
5.5 - Medium
- August 16, 2022
SWFTools commit 772e55a2 was discovered to contain a segmentation violation via extractFrame at /readers/swf.c.
Out-of-bounds Read
An issue was discovered in swftools through 20201222
CVE-2021-42202
5.5 - Medium
- June 02, 2022
An issue was discovered in swftools through 20201222. A NULL pointer dereference exists in the function swf_DeleteFilter() located in swffilter.c. It allows an attacker to cause Denial of Service.
NULL Pointer Dereference
An issue was discovered in swftools through 20201222
CVE-2021-42204
7.8 - High
- June 02, 2022
An issue was discovered in swftools through 20201222. A heap-buffer-overflow exists in the function swf_GetBits() located in rfxswf.c. It allows an attacker to cause code execution.
Memory Corruption
An issue was discovered in swftools through 20201222
CVE-2021-42203
7.8 - High
- June 02, 2022
An issue was discovered in swftools through 20201222. A heap-use-after-free exists in the function swf_FontExtract_DefineTextCallback() located in swftext.c. It allows an attacker to cause code execution.
Dangling pointer
An issue was discovered in swftools through 20201222
CVE-2021-42201
7.8 - High
- June 02, 2022
An issue was discovered in swftools through 20201222. A heap-buffer-overflow exists in the function swf_GetD64() located in rfxswf.c. It allows an attacker to cause code execution.
Memory Corruption
An issue was discovered in swftools through 20201222
CVE-2021-42200
5.5 - Medium
- June 02, 2022
An issue was discovered in swftools through 20201222. A NULL pointer dereference exists in the function main() located in swfdump.c. It allows an attacker to cause Denial of Service.
NULL Pointer Dereference
An issue was discovered in swftools through 20201222
CVE-2021-42199
7.8 - High
- June 02, 2022
An issue was discovered in swftools through 20201222. A heap buffer overflow exists in the function swf_FontExtract_DefineTextCallback() located in swftext.c. It allows an attacker to cause code execution.
Memory Corruption
An issue was discovered in swftools through 20201222
CVE-2021-42198
5.5 - Medium
- June 02, 2022
An issue was discovered in swftools through 20201222. A NULL pointer dereference exists in the function swf_GetBits() located in rfxswf.c. It allows an attacker to cause Denial of Service.
NULL Pointer Dereference
An issue was discovered in swftools through 20201222 through a memory leak in the swftools when swfdump is used
CVE-2021-42197
7.8 - High
- June 02, 2022
An issue was discovered in swftools through 20201222 through a memory leak in the swftools when swfdump is used. It allows an attacker to cause code execution.
Memory Leak
An issue was discovered in swftools through 20201222
CVE-2021-42196
5.5 - Medium
- June 02, 2022
An issue was discovered in swftools through 20201222. A NULL pointer dereference exists in the function traits_parse() located in abc.c. It allows an attacker to cause Denial of Service.
NULL Pointer Dereference
An issue was discovered in swftools through 20201222
CVE-2021-42195
7.8 - High
- June 02, 2022
An issue was discovered in swftools through 20201222. A heap-buffer-overflow exists in the function handleEditText() located in swfdump.c. It allows an attacker to cause code Execution.
Memory Corruption
An issue was discovered in swftools through 20200710
CVE-2021-39582
7.8 - High
- September 20, 2021
An issue was discovered in swftools through 20200710. A heap-buffer-overflow exists in the function swf_GetPlaceObject() located in swfobject.c. It allows an attacker to cause code Execution.
Memory Corruption
An issue was discovered in swftools through 20200710
CVE-2021-39597
5.5 - Medium
- September 20, 2021
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function code_dump2() located in code.c. It allows an attacker to cause Denial of Service.
NULL Pointer Dereference
An issue was discovered in swftools through 20200710
CVE-2021-39583
5.5 - Medium
- September 20, 2021
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function pool_lookup_string2() located in pool.c. It allows an attacker to cause Denial of Service.
NULL Pointer Dereference
An issue was discovered in swftools through 20200710
CVE-2021-39584
5.5 - Medium
- September 20, 2021
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function namespace_set_hash() located in pool.c. It allows an attacker to cause Denial of Service.
NULL Pointer Dereference
An issue was discovered in swftools through 20200710
CVE-2021-39585
5.5 - Medium
- September 20, 2021
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function traits_dump() located in abc.c. It allows an attacker to cause Denial of Service.
NULL Pointer Dereference
An issue was discovered in swftools through 20200710
CVE-2021-39587
5.5 - Medium
- September 20, 2021
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function swf_DumpABC() located in abc.c. It allows an attacker to cause Denial of Service.
NULL Pointer Dereference
An issue was discovered in swftools through 20200710
CVE-2021-39588
5.5 - Medium
- September 20, 2021
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function swf_ReadABC() located in abc.c. It allows an attacker to cause Denial of Service.
NULL Pointer Dereference
An issue was discovered in swftools through 20200710
CVE-2021-39589
5.5 - Medium
- September 20, 2021
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function parse_metadata() located in abc.c. It allows an attacker to cause Denial of Service.
NULL Pointer Dereference
An issue was discovered in swftools through 20200710
CVE-2021-39590
5.5 - Medium
- September 20, 2021
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function params_dump() located in abc.c. It allows an attacker to cause Denial of Service.
NULL Pointer Dereference
An issue was discovered in swftools through 20200710
CVE-2021-39591
5.5 - Medium
- September 20, 2021
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function swf_GetShapeBoundingBox() located in swfshape.c. It allows an attacker to cause Denial of Service.
NULL Pointer Dereference
An issue was discovered in swftools through 20200710
CVE-2021-39592
5.5 - Medium
- September 20, 2021
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function pool_lookup_uint() located in pool.c. It allows an attacker to cause Denial of Service.
NULL Pointer Dereference
An issue was discovered in swftools through 20200710
CVE-2021-39593
5.5 - Medium
- September 20, 2021
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function swf_FontExtract_DefineFontInfo() located in swftext.c. It allows an attacker to cause Denial of Service.
NULL Pointer Dereference
Other An issue was discovered in swftools through 20200710
CVE-2021-39594
5.5 - Medium
- September 20, 2021
Other An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function updateusage() located in swftext.c. It allows an attacker to cause Denial of Service.
NULL Pointer Dereference
An issue was discovered in swftools through 20200710
CVE-2021-39595
7.8 - High
- September 20, 2021
An issue was discovered in swftools through 20200710. A stack-buffer-overflow exists in the function rfx_alloc() located in mem.c. It allows an attacker to cause code Execution.
Memory Corruption
An issue was discovered in swftools through 20200710
CVE-2021-39596
5.5 - Medium
- September 20, 2021
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function code_parse() located in code.c. It allows an attacker to cause Denial of Service.
NULL Pointer Dereference
An issue was discovered in swftools through 20200710
CVE-2021-39598
5.5 - Medium
- September 20, 2021
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function callcode() located in code.c. It allows an attacker to cause Denial of Service.
NULL Pointer Dereference
An issue was discovered in swftools through 20200710
CVE-2021-39579
7.8 - High
- September 20, 2021
An issue was discovered in swftools through 20200710. A heap-buffer-overflow exists in the function string_hash() located in q.c. It allows an attacker to cause code Execution.
Memory Corruption
An issue was discovered in swftools through 20200710
CVE-2021-39577
7.8 - High
- September 20, 2021
An issue was discovered in swftools through 20200710. A heap-buffer-overflow exists in the function main() located in swfdump.c. It allows an attacker to cause code Execution.
Memory Corruption
An issue was discovered in swftools through 20200710
CVE-2021-39575
5.5 - Medium
- September 20, 2021
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function dump_method() located in abc.c. It allows an attacker to cause Denial of Service.
NULL Pointer Dereference
An issue was discovered in swftools through 20200710
CVE-2021-39574
7.8 - High
- September 20, 2021
An issue was discovered in swftools through 20200710. A heap-buffer-overflow exists in the function pool_read() located in pool.c. It allows an attacker to cause code Execution.
Memory Corruption
An issue was discovered in swftools through 20200710
CVE-2021-39569
7.8 - High
- September 20, 2021
An issue was discovered in swftools through 20200710. A heap-buffer-overflow exists in the function OpAdvance() located in swfaction.c. It allows an attacker to cause code Execution.
Memory Corruption
An issue was discovered in swftools through 20200710
CVE-2021-39564
7.8 - High
- September 20, 2021
An issue was discovered in swftools through 20200710. A heap-buffer-overflow exists in the function swf_DumpActions() located in swfaction.c. It allows an attacker to cause code Execution.
Memory Corruption
An issue was discovered in swftools through 20200710
CVE-2021-39563
5.5 - Medium
- September 20, 2021
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function swf_DumpActions() located in swfaction.c. It allows an attacker to cause Denial of Service.
NULL Pointer Dereference
An issue was discovered in swftools through 20200710
CVE-2021-39562
5.5 - Medium
- September 20, 2021
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function FileStream::makeSubStream() located in Stream.cc. It allows an attacker to cause Denial of Service.
NULL Pointer Dereference
An issue was discovered in swftools through 20200710
CVE-2021-39561
7.8 - High
- September 20, 2021
An issue was discovered in swftools through 20200710. A stack-buffer-overflow exists in the function Gfx::opSetFillColorN() located in Gfx.cc. It allows an attacker to cause code Execution.
Memory Corruption
An issue was discovered in swftools through 20200710
CVE-2021-39559
5.5 - Medium
- September 20, 2021
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function GString::~GString() located in GString.cc. It allows an attacker to cause Denial of Service.
NULL Pointer Dereference
An issue was discovered in swftools through 20200710
CVE-2021-39558
7.8 - High
- September 20, 2021
An issue was discovered in swftools through 20200710. A stack-buffer-overflow exists in the function VectorGraphicOutputDev::drawGeneralImage() located in VectorGraphicOutputDev.cc. It allows an attacker to cause code Execution.
Memory Corruption
An issue was discovered in swftools through 20200710
CVE-2021-39557
5.5 - Medium
- September 20, 2021
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function copyString() located in gmem.cc. It allows an attacker to cause Denial of Service.
NULL Pointer Dereference
An issue was discovered in swftools through 20200710
CVE-2021-39556
5.5 - Medium
- September 20, 2021
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function InfoOutputDev::type3D1() located in InfoOutputDev.cc. It allows an attacker to cause Denial of Service.
NULL Pointer Dereference
An issue was discovered in swftools through 20200710
CVE-2021-39555
5.5 - Medium
- September 20, 2021
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function InfoOutputDev::type3D0() located in InfoOutputDev.cc. It allows an attacker to cause Denial of Service.
NULL Pointer Dereference
An issue was discovered in swftools through 20200710
CVE-2021-39554
5.5 - Medium
- September 20, 2021
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function Lexer::Lexer() located in Lexer.cc. It allows an attacker to cause Denial of Service.
NULL Pointer Dereference
An issue was discovered in swftools through 20200710
CVE-2021-39553
5.5 - Medium
- September 20, 2021
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function grealloc() located in gmem.cc. It allows an attacker to cause Denial of Service.
NULL Pointer Dereference