SWFTools Two Integer Overflow Vulnerabilities

Summary

Secunia Research has discovered two vulnerabilities in SWFTools, which can be exploited by malicious people to compromise a user’s system.

Credit:

The information has been provided by Stefan Cornelius.
The original article can be found at: http://secunia.com/secunia_research/2010-80/


Details

Vulnerable Systems:
 * SWFTools version 0.9.1

The vulnerabilities are:

1) An integer overflow error within the ‘getPNG()’ function in lib/png.c can be exploited to cause a heap-based buffer overflow via specially crafted PNG images.

2) An integer overflow error within the ‘jpeg_load()’ function in lib/jpeg.c can be exploited to cause a heap-based buffer overflow via specially crafted JPEG images.
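Both issues belong to the same bug class: a buffer size derived from image header fields wraps around, so the allocation is smaller than the data later written into it. The following is an added illustration of that class and of a checked size computation; it is not SWFTools code and not the project's fix, and all names, the `MAX_DIM` cap and the sample header values are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define MAX_DIM 65535u  /* assumed policy cap on width/height, not from SWFTools */

/* Unchecked pattern: the product is computed in 32 bits and silently wraps. */
uint32_t unchecked_image_bytes(uint32_t width, uint32_t height, uint32_t bpp)
{
    return width * height * bpp;
}

/* Checked pattern: 0 and *out set on success, -1 on bad or overflowing sizes. */
int checked_image_bytes(uint32_t width, uint32_t height, uint32_t bpp, size_t *out)
{
    size_t pixels;

    if (width == 0 || height == 0 || bpp == 0 || bpp > 8)
        return -1;
    if (width > MAX_DIM || height > MAX_DIM)
        return -1;
    if ((size_t)width > SIZE_MAX / height)
        return -1;
    pixels = (size_t)width * height;
    if (pixels > SIZE_MAX / bpp)
        return -1;
    *out = pixels * bpp;
    return 0;
}

/* Allocate a pixel buffer only when the size computation is known to be exact. */
unsigned char *alloc_image(uint32_t width, uint32_t height, uint32_t bpp)
{
    size_t n;

    if (checked_image_bytes(width, height, bpp, &n) != 0)
        return NULL;
    return malloc(n);
}

int main(void)
{
    /* Constructed header values: 0x40000001 pixels wide, 1 row, 4 bytes per pixel. */
    uint32_t w = 0x40000001u, h = 1, bpp = 4;
    unsigned char *buf = alloc_image(w, h, bpp);

    printf("unchecked size: %u bytes\n", (unsigned)unchecked_image_bytes(w, h, bpp));
    printf("checked alloc:  %s\n", buf ? "allocated" : "rejected");
    free(buf);
    return 0;
}
```

With the constructed values the unchecked product wraps to 4 bytes, while the checked path refuses the allocation before any decoding takes place.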

Patch Availability:
Fixed in the GIT repository.

CVE Information:
CVE-2010-1516

Disclosure Timeline:
10/06/2010 – Vendor notified.
10/06/2010 – Vendor response.
13/08/2010 – Public disclosure.
