Product
swftools
126 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2025-6271
CVE-2024-28458
CVE-2024-26339
CVE-2024-26337
CVE-2024-26335
CVE-2024-26334
CVE-2024-26333
CVE-2024-25165
CVE-2024-22957
CVE-2024-22956
CVE-2024-22955
CVE-2024-22919
CVE-2024-22915
CVE-2024-22914
CVE-2024-22913
CVE-2024-22912
CVE-2024-22911
CVE-2024-22920
CVE-2024-22562
CVE-2023-37644
CVE-2023-29950
CVE-2023-26991
CVE-2023-27249
CVE-2022-46440
CVE-2022-35081
CVE-2022-35080
CVE-2022-35099
CVE-2022-35098
CVE-2022-35097
CVE-2022-35096
CVE-2022-35095
CVE-2022-35094
CVE-2022-35093
CVE-2022-35092
CVE-2022-35091
CVE-2022-35090
CVE-2022-35089
CVE-2022-35088
CVE-2022-35087
CVE-2022-35086
CVE-2022-35085
CVE-2022-40009
CVE-2022-40008
CVE-2022-35114
CVE-2022-35113
CVE-2022-35111
CVE-2022-35110
CVE-2022-35109
CVE-2022-35108
CVE-2022-35107
CVE-2022-35106
CVE-2022-35105
CVE-2022-35104
CVE-2022-35101
CVE-2022-35100
CVE-2021-42204
CVE-2021-42203
CVE-2021-42202
CVE-2021-42201
CVE-2021-42200
CVE-2021-42199
CVE-2021-42198
CVE-2021-42197
CVE-2021-42196
CVE-2021-42195
CVE-2021-39598
CVE-2021-39597
CVE-2021-39596
CVE-2021-39595
CVE-2021-39594
CVE-2021-39593
CVE-2021-39592
CVE-2021-39591
CVE-2021-39590
CVE-2021-39589
CVE-2021-39588
CVE-2021-39587
CVE-2021-39585
CVE-2021-39584
CVE-2021-39583
CVE-2021-39582
CVE-2021-39579
CVE-2021-39577
CVE-2021-39575
CVE-2021-39574
CVE-2021-39569
CVE-2021-39564
CVE-2021-39563
CVE-2021-39562
CVE-2021-39561
CVE-2021-39559
CVE-2021-39558
CVE-2021-39557
CVE-2021-39556
CVE-2021-39555
CVE-2021-39554
CVE-2021-39553
CVE-2017-16890
CVE-2017-16868
CVE-2017-1000187
CVE-2017-1000186
CVE-2017-1000185
CVE-2017-1000182
CVE-2017-1000176
CVE-2017-1000174
CVE-2017-16797
CVE-2017-16796
CVE-2017-16794
CVE-2017-16793
CVE-2017-16711
CVE-2017-11101
CVE-2017-11100
CVE-2017-11099
CVE-2017-11098
CVE-2017-11097
CVE-2017-11096
CVE-2017-10976
CVE-2017-9927
CVE-2017-9926
CVE-2017-9925
CVE-2017-9924
CVE-2017-8420
CVE-2017-7698
CVE-2017-8401
CVE-2017-8400
CVE-2010-1516
< 0.9.2
A vulnerability, which was classified as problematic, was found in swftools up to 0.9.2. This affects the function wav_convert2mon
all versions
Null Pointer Dereference vulnerability in swfdump in swftools 0.9.2 allows attackers to crash the appliation via the function comp
all versions
swftools v0.9.2 was discovered to contain a strcpy parameter overlap via /home/swftools/src/swfc+0x48318a.
all versions
swftools v0.9.2 was discovered to contain a segmentation violation via the function s_font at swftools/src/swfc.c.
all versions
swftools v0.9.2 was discovered to contain a segmentation violation via the function state_free at swftools/src/swfc-history.c.
all versions
swftools v0.9.2 was discovered to contain a segmentation violation via the function compileSWFActionCode at swftools/lib/action/ac
all versions
swftools v0.9.2 was discovered to contain a segmentation violation via the function free_lines at swftools/lib/modules/swfshape.c.
all versions
A global-buffer-overflow vulnerability was found in SWFTools v0.9.2, in the function LineText at lib/swf5compiler.flex.
all versions
swftools 0.9.2 was discovered to contain an Out-of-bounds Read vulnerability via the function dict_do_lookup in swftools/lib/q.c:1
all versions
swftools 0.9.2 was discovered to contain a heap-use-after-free vulnerability via the function removeFromTo at swftools/src/swfc.c:
all versions
swftools 0.9.2 was discovered to contain a stack-buffer-underflow vulnerability via the function parseExpression at swftools/src/s
all versions
swftools0.9.2 was discovered to contain a global-buffer-overflow vulnerability via the function parseExpression at swftools/src/sw
all versions
A heap-use-after-free was found in SWFTools v0.9.2, in the function swf_DeleteTag at rfxswf.c:1193. It allows an attacker to cause
all versions
A heap-use-after-free was found in SWFTools v0.9.2, in the function input at lex.swf5.c:2620. It allows an attacker to cause denia
all versions
A heap-buffer-overflow was found in SWFTools v0.9.2, in the function swf5lex at lex.swf5.c:1321. It allows an attacker to cause co
all versions
A global-buffer-overflow was found in SWFTools v0.9.2, in the function countline at swf5compiler.flex:327. It allows an attacker t
all versions
A stack-buffer-underflow vulnerability was found in SWFTools v0.9.2, in the function parseExpression at src/swfc.c:2602.
all versions
swftools 0.9.2 was discovered to contain a heap-use-after-free via the function bufferWriteData in swftools/lib/action/compile.c.
all versions
swftools 0.9.2 was discovered to contain a Stack Buffer Underflow via the function dict_foreach_keyvalue at swftools/lib/q.c.
all versions
SWFTools 0.9.2 772e55a allows attackers to trigger a large memory-allocation attempt via a crafted document, as demonstrated by pd
all versions
swfrender v0.9.2 was discovered to contain a heap buffer overflow in the function enumerateUsedIDs_fillstyle at modules/swftools.c
all versions
SWFTools v0.9.2 was discovered to contain a stack-use-after-scope in the swf_ReadSWF2 function in lib/rfxswf.c.
all versions
swfdump v0.9.2 was discovered to contain a heap buffer overflow in the function swf_GetPlaceObject at swfobject.c.
all versions
ttftool v0.9.2 was discovered to contain a segmentation violation via the readU16 function at ttf.c.
all versions
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via png_read_header at /src/png2swf.c.
all versions
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via png_load at /lib/png.c.
all versions
SWFTools commit 772e55a2 was discovered to contain a stack overflow via ImageStream::getPixel(unsigned char*) at /xpdf/Stream.cc.
all versions
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via GfxICCBasedColorSpace::getDefaultColor(GfxColor*) at
all versions
SWFTools commit 772e55a2 was discovered to contain a segmentation violation via FoFiTrueType::writeTTF at /xpdf/FoFiTrueType.cc.
all versions
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via draw_stroke at /gfxpoly/stroke.c.
all versions
SWFTools commit 772e55a2 was discovered to contain a segmentation violation via InfoOutputDev::type3D1 at /pdf/InfoOutputDev.cc.
all versions
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via DCTStream::readHuffSym(DCTHuffTable*) at /xpdf/Strea
all versions
SWFTools commit 772e55a2 was discovered to contain a global buffer overflow via DCTStream::transformDataUnit at /xpdf/Stream.cc.
all versions
SWFTools commit 772e55a2 was discovered to contain a segmentation violation via convert_gfxline at /gfxpoly/convert.c.
all versions
SWFTools commit 772e55a2 was discovered to contain a floating point exception (FPE) via DCTStream::readMCURow() at /xpdf/Stream.cc
all versions
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via __asan_memcpy at /asan/asan_interceptors_memintrinsi
all versions
SWFTools commit 772e55a2 was discovered to contain a heap-buffer-overflow via getTransparentColor at /home/bupt/Desktop/swftools/s
all versions
SWFTools commit 772e55a2 was discovered to contain a heap buffer-overflow via getGifDelayTime at /home/bupt/Desktop/swftools/src/s
all versions
SWFTools commit 772e55a2 was discovered to contain a segmentation violation via MovieAddFrame at /src/gif2swf.c.
all versions
SWFTools commit 772e55a2 was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S.
all versions
SWFTools commit 772e55a2 was discovered to contain a memory leak via /lib/mem.c.
all versions
SWFTools commit 772e55a was discovered to contain a heap-use-after-free via the function grow_unicode at /lib/ttf.c.
all versions
SWFTools commit 772e55a was discovered to contain a heap-buffer overflow via the function readU8 at /lib/ttf.c.
all versions
SWFTools commit 772e55a2 was discovered to contain a segmentation violation via extractFrame at /readers/swf.c.
all versions
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via swf_DefineLosslessBitsTagToImage at /modules/swfbits
all versions
SWFTools commit 772e55a2 was discovered to contain a stack overflow via __sanitizer::StackDepotNode::hash(__sanitizer::StackTrace
all versions
SWFTools commit 772e55a2 was discovered to contain a memory leak via /lib/mem.c.
all versions
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via draw_stroke at /gfxpoly/stroke.c.
all versions
SWFTools commit 772e55a2 was discovered to contain a segmentation violation via DCTStream::getChar() at /xpdf/Stream.cc.
all versions
SWFTools commit 772e55a2 was discovered to contain a stack overflow via vfprintf at /stdio-common/vfprintf.c.
all versions
SWFTools commit 772e55a2 was discovered to contain a segmentation violation via FoFiTrueType::computeTableChecksum(unsigned char*,
all versions
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via /bin/png2swf+0x552cea.
all versions
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via DCTStream::reset() at /xpdf/Stream.cc.
all versions
SWFTools commit 772e55a2 was discovered to contain a segmentation violation via /multiarch/memset-vec-unaligned-erms.S.
all versions
SWFTools commit 772e55a2 was discovered to contain a segmentation violation via gfxline_getbbox at /lib/gfxtools.c.
<= 2020-12-22
An issue was discovered in swftools through 20201222. A heap-buffer-overflow exists in the function swf_GetBits() located in rfxsw
<= 2020-12-22
An issue was discovered in swftools through 20201222. A heap-use-after-free exists in the function swf_FontExtract_DefineTextCallb
<= 2020-12-22
An issue was discovered in swftools through 20201222. A NULL pointer dereference exists in the function swf_DeleteFilter() located
<= 2020-12-22
An issue was discovered in swftools through 20201222. A heap-buffer-overflow exists in the function swf_GetD64() located in rfxswf
<= 2020-12-22
An issue was discovered in swftools through 20201222. A NULL pointer dereference exists in the function main() located in swfdump.
<= 2020-12-22
An issue was discovered in swftools through 20201222. A heap buffer overflow exists in the function swf_FontExtract_DefineTextCall
<= 2020-12-22
An issue was discovered in swftools through 20201222. A NULL pointer dereference exists in the function swf_GetBits() located in r
<= 2020-12-22
An issue was discovered in swftools through 20201222 through a memory leak in the swftools when swfdump is used. It allows an atta
<= 2020-12-22
An issue was discovered in swftools through 20201222. A NULL pointer dereference exists in the function traits_parse() located in
<= 2020-12-22
An issue was discovered in swftools through 20201222. A heap-buffer-overflow exists in the function handleEditText() located in sw
<= 2020-07-10
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function callcode() located in code
<= 2020-07-10
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function code_dump2() located in co
<= 2020-07-10
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function code_parse() located in co
<= 2020-07-10
An issue was discovered in swftools through 20200710. A stack-buffer-overflow exists in the function rfx_alloc() located in mem.c.
<= 2020-07-10
Other An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function updateusage() locate
<= 2020-07-10
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function swf_FontExtract_DefineFont
<= 2020-07-10
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function pool_lookup_uint() located
<= 2020-07-10
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function swf_GetShapeBoundingBox()
<= 2020-07-10
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function params_dump() located in a
<= 2020-07-10
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function parse_metadata() located i
<= 2020-07-10
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function swf_ReadABC() located in a
<= 2020-07-10
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function swf_DumpABC() located in a
<= 2020-07-10
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function traits_dump() located in a
<= 2020-07-10
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function namespace_set_hash() locat
<= 2020-07-10
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function pool_lookup_string2() loca
<= 2020-07-10
An issue was discovered in swftools through 20200710. A heap-buffer-overflow exists in the function swf_GetPlaceObject() located i
<= 2020-07-10
An issue was discovered in swftools through 20200710. A heap-buffer-overflow exists in the function string_hash() located in q.c.
<= 2020-07-10
An issue was discovered in swftools through 20200710. A heap-buffer-overflow exists in the function main() located in swfdump.c. I
<= 2020-07-10
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function dump_method() located in a
<= 2020-07-10
An issue was discovered in swftools through 20200710. A heap-buffer-overflow exists in the function pool_read() located in pool.c.
<= 2020-07-10
An issue was discovered in swftools through 20200710. A heap-buffer-overflow exists in the function OpAdvance() located in swfacti
<= 2020-07-10
An issue was discovered in swftools through 20200710. A heap-buffer-overflow exists in the function swf_DumpActions() located in s
<= 2020-07-10
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function swf_DumpActions() located
<= 2020-07-10
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function FileStream::makeSubStream(
<= 2020-07-10
An issue was discovered in swftools through 20200710. A stack-buffer-overflow exists in the function Gfx::opSetFillColorN() locate
<= 2020-07-10
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function GString::~GString() locate
<= 2020-07-10
An issue was discovered in swftools through 20200710. A stack-buffer-overflow exists in the function VectorGraphicOutputDev::drawG
<= 2020-07-10
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function copyString() located in gm
<= 2020-07-10
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function InfoOutputDev::type3D1() l
<= 2020-07-10
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function InfoOutputDev::type3D0() l
<= 2020-07-10
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function Lexer::Lexer() located in
<= 2020-07-10
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function grealloc() located in gmem
all versions
SWFTools 0.9.2 has a divide-by-zero error in the wav_convert2mono function in lib/wav.c because the align value may be zero.
all versions
In SWFTools 0.9.2, the wav_convert2mono function in lib/wav.c does not properly restrict a multiplication within a malloc call, wh
all versions
In SWFTools, an address access exception was found in pdf2swf. FoFiTrueType::writeTTF()
all versions
In SWFTools, a stack overflow was found in pdf2swf.
all versions
In SWFTools, a memcpy buffer overflow was found in gif2swf.
all versions
In SWFTools, a memory leak was found in wav2swf.
all versions
In SWFTools, a memcpy buffer overflow was found in swfc.
all versions
In SWFTools, an address access exception was found in swfdump swf_GetBits().
all versions
In SWFTools 0.9.2, the png_load function in lib/png.c does not properly validate an alloclen_64 multiplication of width and height
all versions
In SWFTools 0.9.2, the png_load function in lib/png.c does not check the return value of a realloc call, which allows remote attac
all versions
The png_load function in lib/png.c in SWFTools 0.9.2 does not properly validate a multiplication of width and bits-per-pixel value
all versions
The wav_convert2mono function in lib/wav.c in SWFTools 0.9.2 does not properly validate WAV data, which allows remote attackers to
all versions
The swf_DefineLosslessBitsTagToImage function in lib/modules/swfbits.c in SWFTools 0.9.2 mishandles an uncompress failure, which a
all versions
When SWFTools 0.9.2 processes a crafted file in swfcombine, it can lead to a NULL Pointer Dereference in the swf_Relocate() functi
all versions
When SWFTools 0.9.2 processes a crafted file in swfextract, it can lead to a NULL Pointer Dereference in the swf_FoldSprite() func
all versions
When SWFTools 0.9.2 processes a crafted file in wav2swf, it can lead to a Segmentation Violation in the wav_convert2mono() functio
all versions
When SWFTools 0.9.2 processes a crafted file in png2swf, it can lead to a Segmentation Violation in the png_load() function in lib
all versions
When SWFTools 0.9.2 processes a crafted file in swfc, it can lead to a NULL Pointer Dereference in the dict_lookup() function in l
all versions
When SWFTools 0.9.2 processes a crafted file in swfcombine, it can lead to a NULL Pointer Dereference in the swf_DeleteFilter() fu
all versions
When SWFTools 0.9.2 processes a crafted file in ttftool, it can lead to a heap-based buffer over-read in the readBlock() function
all versions
In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote attackers to cause a denial of service or possibly have unspecified
all versions
In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote attackers to cause a denial of service or possibly have unspecified
all versions
In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote attackers to execute arbitrary code or cause a denial of service via
all versions
In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote attackers to execute arbitrary code or cause a denial of service via
all versions
SWFTools 2013-04-09-1007 on Windows has a "Data from Faulting Address controls Branch Selection starting at image00000000_00400000
<= 0.9.2
A Use After Free in the pdf2swf part of swftools 0.9.2 and earlier allows remote attackers to execute arbitrary code via a malform
<= 0.9.2
In SWFTools 0.9.2, an out-of-bounds read of heap data can occur in the function png_load() in lib/png.c:724. This issue can be tri
<= 0.9.2
In SWFTools 0.9.2, an out-of-bounds write of heap data can occur in the function png_load() in lib/png.c:755. This issue can be tr
all versions
Multiple integer overflows in SWFTools 0.9.1 allow remote attackers to execute arbitrary code via (1) a crafted PNG file, related