CVE-2017-8420

Name of the Vulnerable Software and Affected Versions SWFTools version 2013-04-09-1007

Description The issue arises from the mishandling of a malformed TTF file by the font2swf component, leading to a potential Denial of Service (DoS) due to an Access Violation. This can be triggered when font2swf processes a specially crafted TTF file, causing the program to crash.

Recommendations For SWFTools version 2013-04-09-1007, consider avoiding the use of malformed TTF files with the font2swf component until a fix is available. As a temporary workaround, restrict the input to font2swf to prevent the processing of potentially malicious TTF files.