mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-15 07:40:25 +02:00
0xMarcio
873 B
873 B
CVE-2017-16794
Description
The png_load function in lib/png.c in SWFTools 0.9.2 does not properly validate a multiplication of width and bits-per-pixel values, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file, as demonstrated by an erroneous png_load call that occurs because of incorrect integer data types in png2swf.