Memory Leak Vulnerability in Swftools Affects Code Execution
CVE-2021-42197

7.8HIGH

Key Information:

Vendor: Swftools
Status: Swftools
Vendor: CVE Published:; 2 June 2022

What is CVE-2021-42197?

A memory leak has been identified in Swftools, specifically when the swfdump utility is employed. This flaw can potentially be exploited by attackers, allowing unauthorized code execution on affected systems. Users of Swftools version 20201222 and earlier should be vigilant and consider applying necessary updates or mitigating measures to safeguard their environments from potential exploitation.

References

https://github.com/matthiaskramm/swftools/issues/177

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 2, 2022
Vulnerability Reserved
Oct 11, 2021

JSON