CVE-2010-1516

Sažetak

Multiple integer overflows in SWFTools 0.9.1 allow remote attackers to execute arbitrary code via (1) a crafted PNG file, related to the getPNG function in lib/png.c; or (2) a crafted JPEG file, related to the jpeg_load function in lib/jpeg.c.

Reference

http://secunia.com/advisories/39970
http://secunia.com/advisories/48821
http://secunia.com/secunia_research/2010-80/
http://security.gentoo.org/glsa/glsa-201204-05.xml
http://www.securityfocus.com/archive/1/513102/100/0/threaded

CVSS

Base:	9.3
Impact:	10.0
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

10-10-2018 - 19:57

Objavljeno

17-08-2010 - 22:00