Cvjark

**Name of the Vulnerable Software and Affected Versions** SWFTools version 772e55a2 **Description** A heap-buffer overflow issue was discovered in SWFTools via the `png load` function at `/lib/png.c`. This issue can be exploited, potentially leading to undefined behavior or code execution. No information is available regarding the estimated number of affected devices or real-world incidents. **Recommendations** For SWFTools version 772e55a2, consider applying a patch or fix to address the heap-buffer overflow issue in the `png load` function. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SWFTools (affected versions not specified) **Description** A heap-buffer overflow issue was discovered in SWFTools via the png read header function at /src/png2swf.c. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SWFTools (affected versions not specified) **Description** A segmentation violation was discovered in SWFTools via the `InfoOutputDev::type3D1` function at `/pdf/InfoOutputDev.cc`. This issue affects the `InfoOutputDev` component. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SWFTools (affected versions not specified) **Description** A heap-buffer overflow issue was discovered in SWFTools via the `draw stroke` function at `/gfxpoly/stroke.c`. This issue can potentially be exploited. No information is available about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SWFTools (affected versions not specified) **Description** A segmentation violation was discovered in SWFTools via the `FoFiTrueType::writeTTF` function at `/xpdf/FoFiTrueType.cc`. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SWFTools version 772e55a2 **Description** A stack overflow issue was discovered in SWFTools via the `ImageStream::getPixel(unsigned char*)` function at `/xpdf/Stream.cc`. This issue may be exploited, but details about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited are not available. **Recommendations** For SWFTools version 772e55a2, as a temporary workaround, consider disabling the `ImageStream::getPixel(unsigned char*)` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SWFTools (affected versions not specified) **Description** A segmentation violation was discovered in SWFTools via the `convert gfxline` function at `/gfxpoly/convert.c`. This issue affects the convert gfxline functionality. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SWFTools version 772e55a2 **Description** A heap-buffer overflow issue was discovered in SWFTools via the `DCTStream::readHuffSym(DCTHuffTable*)` function at `/xpdf/Stream.cc`. This issue affects the specified commit. **Recommendations** For SWFTools version 772e55a2, as a temporary workaround, consider restricting access to the `DCTStream::readHuffSym(DCTHuffTable*)` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SWFTools (affected versions not specified) **Description** A global buffer overflow was discovered in SWFTools via the DCTStream::transformDataUnit function at /xpdf/Stream.cc. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SWFTools (affected versions not specified) **Description** A segmentation violation was discovered in SWFTools via the `/multiarch/memmove-vec-unaligned-erms.S` API endpoint. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SWFTools (affected versions not specified) **Description** A segmentation violation was discovered in SWFTools via the MovieAddFrame function at /src/gif2swf.c. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SWFTools (affected versions not specified) **Description** A heap buffer-overflow issue was discovered in SWFTools via the `getGifDelayTime` function at `/home/bupt/Desktop/swftools/src/src/gif2swf.c`. This issue can be exploited, potentially leading to unspecified consequences. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SWFTools (affected versions not specified) **Description** A heap-buffer-overflow issue was discovered in SWFTools via the `getTransparentColor` function. The issue is related to the `gif2swf` component. No information is available about the estimated number of potentially affected devices or real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SWFTools (affected versions not specified) **Description** A heap-buffer overflow was discovered in SWFTools via asan memcpy at /asan/asan interceptors memintrinsics.cpp. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SWFTools (affected versions not specified) **Description** A memory leak was discovered in SWFTools via /lib/mem.c. The issue affects SWFTools commit 772e55a2. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SWFTools (affected versions not specified) **Description** A heap-buffer overflow issue was discovered in SWFTools via the `swf DefineLosslessBitsTagToImage` function at `/modules/swfbits.c`. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** JPEGDEC (affected versions not specified) **Description** A floating-point exception (FPE) issue was discovered in JPEGDEC, specifically in the DecodeJPEG function located at /src/jpeg.inl. This issue affects the JPEGDEC commit be4843c. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** JPEGDEC (affected versions not specified) **Description** A segmentation fault was discovered in JPEGDEC via TIFFSHORT at /src/jpeg.inl, which can be exploited to cause a crash. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** JPEGDEC (affected versions not specified) **Description** A floating-point exception (FPE) was discovered in JPEGDEC via TIFFSHORT at the /src/jpeg.inl location. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PNGDec version prior to the version that includes the fix for the issue in commit 8abf6be **Description** A heap buffer overflow was discovered in PNGDec via asan interceptors memintrinsics.cpp. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.