Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2017-8401

Опубликовано: 01 мая 2017
Источник: debian

Описание

In SWFTools 0.9.2, an out-of-bounds read of heap data can occur in the function png_load() in lib/png.c:724. This issue can be triggered by a malformed PNG file that is mishandled by png2swf. Attackers could exploit this issue for DoS.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
swftoolsremovedpackage

Примечания

  • https://github.com/matthiaskramm/swftools/issues/14

  • https://github.com/matthiaskramm/swftools/commit/392fb1f3cd9a5b167787c551615c651c3f5326f2

  • Crash in CLI tool not considered a security issue

Связанные уязвимости

ubuntu логотип

CVE-2017-8401

CVSS3: 6.5
ubuntu
почти 9 лет назад

In SWFTools 0.9.2, an out-of-bounds read of heap data can occur in the function png_load() in lib/png.c:724. This issue can be triggered by a malformed PNG file that is mishandled by png2swf. Attackers could exploit this issue for DoS.

nvd логотип

CVE-2017-8401

CVSS3: 6.5
nvd
почти 9 лет назад

In SWFTools 0.9.2, an out-of-bounds read of heap data can occur in the function png_load() in lib/png.c:724. This issue can be triggered by a malformed PNG file that is mishandled by png2swf. Attackers could exploit this issue for DoS.

github логотип

GHSA-6vjq-p3rw-f392

CVSS3: 6.5
github
больше 3 лет назад

In SWFTools 0.9.2, an out-of-bounds read of heap data can occur in the function png_load() in lib/png.c:724. This issue can be triggered by a malformed PNG file that is mishandled by png2swf. Attackers could exploit this issue for DoS.

suse-cvrf логотип

openSUSE-SU-2017:1230-1

suse-cvrf
больше 8 лет назад

Security update for swftools