Total
126 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-7698 | 1 Swftools | 1 Swftools | 2026-05-13 | 6.8 MEDIUM | 7.8 HIGH |
| A Use After Free in the pdf2swf part of swftools 0.9.2 and earlier allows remote attackers to execute arbitrary code via a malformed PDF document, possibly a consequence of an error in Gfx.cc in Xpdf 3.02. | |||||
| CVE-2017-11101 | 1 Swftools | 1 Swftools | 2026-05-13 | 6.8 MEDIUM | 8.8 HIGH |
| When SWFTools 0.9.2 processes a crafted file in swfcombine, it can lead to a NULL Pointer Dereference in the swf_Relocate() function in lib/modules/swftools.c. | |||||
| CVE-2017-1000187 | 1 Swftools | 1 Swftools | 2026-05-13 | 4.3 MEDIUM | 7.8 HIGH |
| In SWFTools, an address access exception was found in pdf2swf. FoFiTrueType::writeTTF() | |||||
| CVE-2017-16868 | 1 Swftools | 1 Swftools | 2026-05-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| In SWFTools 0.9.2, the wav_convert2mono function in lib/wav.c does not properly restrict a multiplication within a malloc call, which allows remote attackers to cause a denial of service (integer overflow and NULL pointer dereference) via a crafted WAV file. | |||||
| CVE-2017-11099 | 1 Swftools | 1 Swftools | 2026-05-13 | 6.8 MEDIUM | 8.8 HIGH |
| When SWFTools 0.9.2 processes a crafted file in wav2swf, it can lead to a Segmentation Violation in the wav_convert2mono() function in lib/wav.c. | |||||
| CVE-2017-1000176 | 1 Swftools | 1 Swftools | 2026-05-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| In SWFTools, a memcpy buffer overflow was found in swfc. | |||||
| CVE-2017-16711 | 1 Swftools | 1 Swftools | 2026-05-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| The swf_DefineLosslessBitsTagToImage function in lib/modules/swfbits.c in SWFTools 0.9.2 mishandles an uncompress failure, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) because of extractDefinitions in lib/readers/swf.c and fill_line_bitmap in lib/devices/render.c, as demonstrated by swfrender. | |||||
| CVE-2010-1516 | 1 Swftools | 1 Swftools | 2026-04-29 | 9.3 HIGH | N/A |
| Multiple integer overflows in SWFTools 0.9.1 allow remote attackers to execute arbitrary code via (1) a crafted PNG file, related to the getPNG function in lib/png.c; or (2) a crafted JPEG file, related to the jpeg_load function in lib/jpeg.c. | |||||
| CVE-2025-6271 | 1 Swftools | 1 Swftools | 2026-04-29 | 1.7 LOW | 3.3 LOW |
| A vulnerability, which was classified as problematic, was found in swftools up to 0.9.2. This affects the function wav_convert2mono in the library lib/wav.c of the component wav2swf. The manipulation leads to out-of-bounds read. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-22957 | 1 Swftools | 1 Swftools | 2025-06-20 | N/A | 5.5 MEDIUM |
| swftools 0.9.2 was discovered to contain an Out-of-bounds Read vulnerability via the function dict_do_lookup in swftools/lib/q.c:1190. | |||||
| CVE-2024-22955 | 1 Swftools | 1 Swftools | 2025-06-20 | N/A | 7.8 HIGH |
| swftools 0.9.2 was discovered to contain a stack-buffer-underflow vulnerability via the function parseExpression at swftools/src/swfc.c:2576. | |||||
| CVE-2024-22912 | 1 Swftools | 1 Swftools | 2025-06-17 | N/A | 7.8 HIGH |
| A global-buffer-overflow was found in SWFTools v0.9.2, in the function countline at swf5compiler.flex:327. It allows an attacker to cause code execution. | |||||
| CVE-2024-22562 | 1 Swftools | 1 Swftools | 2025-06-16 | N/A | 7.8 HIGH |
| swftools 0.9.2 was discovered to contain a Stack Buffer Underflow via the function dict_foreach_keyvalue at swftools/lib/q.c. | |||||
| CVE-2024-28458 | 1 Swftools | 1 Swftools | 2025-06-10 | N/A | 7.5 HIGH |
| Null Pointer Dereference vulnerability in swfdump in swftools 0.9.2 allows attackers to crash the appliation via the function compileSWFActionCode in action/actioncompiler.c. | |||||
| CVE-2024-22919 | 1 Swftools | 1 Swftools | 2025-06-05 | N/A | 7.8 HIGH |
| swftools0.9.2 was discovered to contain a global-buffer-overflow vulnerability via the function parseExpression at swftools/src/swfc.c:2587. | |||||
| CVE-2024-22911 | 1 Swftools | 1 Swftools | 2025-06-05 | N/A | 7.8 HIGH |
| A stack-buffer-underflow vulnerability was found in SWFTools v0.9.2, in the function parseExpression at src/swfc.c:2602. | |||||
| CVE-2023-37644 | 1 Swftools | 1 Swftools | 2025-06-03 | N/A | 5.5 MEDIUM |
| SWFTools 0.9.2 772e55a allows attackers to trigger a large memory-allocation attempt via a crafted document, as demonstrated by pdf2swf. This occurs in png_read_chunk in lib/png.c. | |||||
| CVE-2024-22956 | 1 Swftools | 1 Swftools | 2025-05-30 | N/A | 7.8 HIGH |
| swftools 0.9.2 was discovered to contain a heap-use-after-free vulnerability via the function removeFromTo at swftools/src/swfc.c:838 | |||||
| CVE-2024-22915 | 1 Swftools | 1 Swftools | 2025-05-30 | N/A | 7.8 HIGH |
| A heap-use-after-free was found in SWFTools v0.9.2, in the function swf_DeleteTag at rfxswf.c:1193. It allows an attacker to cause code execution. | |||||
| CVE-2024-22913 | 1 Swftools | 1 Swftools | 2025-05-30 | N/A | 7.8 HIGH |
| A heap-buffer-overflow was found in SWFTools v0.9.2, in the function swf5lex at lex.swf5.c:1321. It allows an attacker to cause code execution. | |||||