Diggingwei

#7477of 53,608
36.7Total CVSS
Vulnerabilities · 5
Medium
1
High
4
PT-2024-19607
7.8
2024-01-19
Swftools · Swftools · CVE-2024-22911
**Name of the Vulnerable Software and Affected Versions** SWFTools version 0.9.2 **Description** A stack-buffer-underflow issue was found in the function `parseExpression` at `src/swfc.c:2602`. This issue can potentially lead to a denial of service. **Recommendations** For SWFTools version 0.9.2, as a temporary workaround, consider disabling the `parseExpression` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.
PT-2024-19608
7.8
2024-01-19
Swftools · Swftools · CVE-2024-22912
**Name of the Vulnerable Software and Affected Versions** SWFTools version 0.9.2 **Description** A global-buffer-overflow was found in the function `countline` at `swf5compiler.flex:327`. It allows an attacker to cause code execution. **Recommendations** For SWFTools version 0.9.2, consider disabling the `countline` function as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2024-19609
7.8
2024-01-19
Swftools · Swftools · CVE-2024-22913
**Name of the Vulnerable Software and Affected Versions** SWFTools version 0.9.2 **Description** A heap-buffer-overflow was found in the function `swf5lex` at `lex.swf5.c:1321`. It allows an attacker to cause code execution. **Recommendations** For SWFTools version 0.9.2, consider disabling the `swf5lex` function as a temporary workaround until a patch is available.
PT-2024-19610
5.5
2024-01-19
Swftools · Swftools · CVE-2024-22914
**Name of the Vulnerable Software and Affected Versions** SWFTools version 0.9.2 **Description** A heap-use-after-free issue was found in the function input at lex.swf5.c:2620, allowing an attacker to cause denial of service. **Recommendations** For SWFTools version 0.9.2, consider disabling the function input at lex.swf5.c:2620 as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2024-19611
7.8
2024-01-19
Swftools · Swftools · CVE-2024-22915
**Name of the Vulnerable Software and Affected Versions** SWFTools version 0.9.2 **Description** A heap-use-after-free issue was found in the function `swf DeleteTag` at `rfxswf.c:1193`. This issue allows an attacker to cause code execution. **Recommendations** For SWFTools version 0.9.2, consider disabling the `swf DeleteTag` function as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.