A heap-based buffer overflow in SWFTools could result in the execution of arbitrary code.
|Package||media-gfx/swftools on all architectures|
|Affected versions||<= 0.9.1|
SWFTools is a collection of SWF manipulation and generation utilities written by Rainer Böhme and Matthias Kramm.
Integer overflow errors in the "getPNG()" function in png.c and the "jpeg_load()" function in jpeg.c could cause a heap-based buffer overflow.
A remote attacker could entice a user to open a specially crafted PNG or JPEG file, possibly resulting in execution of arbitrary code with the privileges of the process, or a Denial of Service condition.
There is no known workaround at this time.
Gentoo discontinued support for SWFTools. We recommend that users unmerge swftools:
# emerge --unmerge "media-gfx/swftools"
NOTE: Users could upgrade to ">=media-gfx/swftools-0.9.1", however these packages are not currently stable.
April 17, 2012
April 18, 2012: 2