NULL Pointer Dereference

CVE-2017-11096

High

8.8/10

Summary

When SWFTools 0.9.2 processes a crafted file in swfcombine, it can lead to a NULL Pointer Dereference in the swf_DeleteFilter() function in lib/modules/swffilter.c.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: REQUIRED
Privileges Required: NONE
Confidentiality Impact: HIGH
Availability Impact: HIGH

CWE-476 - NULL Pointer Dereference

A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.

References

Advisory Timeline

Published Jul 07, 2017

NULL Pointer Dereference

CVE-2017-11096

Summary

CWE-476 - NULL Pointer Dereference

References

Advisory Timeline

ChainJacking

CodeBashing

ChainAlert