Memory Allocation Vulnerability in SWFTools 0.9.2: Exploiting png_read_chunk in lib/png.c

CVE-2023-37644 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

SWFTools 0.9.2 772e55a allows attackers to trigger a large memory-allocation attempt via a crafted document, as demonstrated by pdf2swf. This occurs in png_read_chunk in lib/png.c.

Learn more about our Web Application Penetration Testing UK.