Stack Buffer Underflow Vulnerability in SWFTools by Matthias Kramm
CVE-2024-22911

7.8HIGH

Key Information:

Vendor: Swftools
Vendor: CVE Published:; 19 January 2024

What is CVE-2024-22911?

A stack-buffer-underflow vulnerability has been identified in SWFTools v0.9.2. This vulnerability occurs within the parseExpression function located at src/swfc.c:2602. An attacker taking advantage of this flaw could potentially exploit it to manipulate the execution flow of the application.

References

https://github.com/matthiaskramm/swftools/issues/216

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 19, 2024
Vulnerability Reserved
Jan 11, 2024

Swftools

What is CVE-2024-22911?

References

CVSS V3.1

Timeline