SWFTools 'swfbits.c' Remote Denial of Service Vulnerability

SWFTools is prone to a remote denial-of-service vulnerability.

Successful exploits may allow the attacker to cause the application to crash, resulting in denial-of-service conditions.

SWFTools 0.9.2 is vulnerable; other versions may also be affected.

Information

Bugtraq ID: 101797
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2017-16711

Remote: Yes
Local: No
Published: Nov 09 2017 12:00AM
Updated: Nov 13 2017 08:06PM
Credit: binsh fpbibi
Vulnerable: SWFTools SWFTools 0.9.2

Not Vulnerable:

Exploit

The researcher who discovered this issue has created a proof-of-concept. Please see the references for more information.

References:

• A null pointer dereference bug of swfrender (SWFTools )
  
• SWFTools Homepage (SWFTools)
  

Source: www.securityfocus.com