CVE-2024-28458

7.5 HIGH

📋 TL;DR

A null pointer dereference in swfdump, part of swftools 0.9.2, is reachable through the compileSWFActionCode function and allows an attacker to crash the application with a crafted SWF file. It affects users who process untrusted SWF files with swftools. The vulnerability causes a denial of service; it does not appear to allow code execution.

💻 Affected Systems

Products:
  • swftools
Versions: 0.9.2 (likely earlier versions too)
Operating Systems: Linux, Windows, macOS
Default Config Vulnerable: ⚠️ Yes
Notes: The vulnerability is in the swfdump component and is triggered when processing SWF files that contain action code

⚠️ Risk & Real-World Impact

🔴 Worst Case: Application crash leading to denial of service for SWF processing functionality

🟠 Likely Case: Application crash when processing malicious SWF files

🟢 If Mitigated: No impact if the application is not processing untrusted SWF files

🌐 Internet-Facing: MEDIUM - Could affect web services processing user-uploaded SWF files
🏢 Internal Only: LOW - Typically used as a command-line tool for SWF analysis

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Proof of concept available on GitHub demonstrates crash via crafted SWF file

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not available

Vendor Advisory: Not available

Restart Required: No

Instructions:

No official patch available. Consider workarounds or alternative tools.

🔧 Temporary Workarounds

Disable swfdump processing (linux)

Remove the swfdump binary, or make it non-executable, so it cannot be invoked on untrusted input (use one of the two commands):

  sudo rm /usr/bin/swfdump
  sudo chmod 000 /usr/bin/swfdump

Use alternative SWF tools (all platforms)

Replace swftools with alternative SWF processing utilities

🧯 If You Can't Patch

  • Restrict swfdump usage to trusted users only
  • Implement input validation for SWF files before processing

🔍 How to Verify

Check if Vulnerable:

Check the installed swftools version: swfdump -v, or dpkg -l | grep swftools on Debian-based systems

Check Version:

swfdump -v 2>&1 | head -1

Verify Fix Applied:

Test with known malicious SWF file from PoC repository

📡 Detection & Monitoring

Log Indicators:

  • Segmentation fault errors from swfdump process
  • Unexpected swfdump process termination

Network Indicators:

  • Uploads of SWF files to web applications

SIEM Query:

process_name:swfdump AND (event_type:crash OR exit_code:139)
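The same crash indicators applied to local syslog/journal output, as an added example that is not part of this advisory: it picks out kernel segfault and systemd-coredump lines for swfdump, flags faults at a near-zero address (what a null pointer dereference typically produces), and maps a 139 exit status to SIGSEGV. The log line formats, PIDs and addresses below are constructed for illustration.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Kernel segfault message (format assumed from typical Linux dmesg/syslog output).
KERNEL_SEGFAULT = re.compile(
    r"(?P<proc>[\w.-]+)\[(?P<pid>\d+)\]: segfault at (?P<addr>[0-9a-f]+) ip "
)
# systemd-coredump message (format assumed).
COREDUMP = re.compile(r"Process (?P<pid>\d+) \((?P<proc>[\w.-]+)\) of user \d+ dumped core")

@dataclass(frozen=True)
class CrashEvent:
    pid: int
    source: str                # "kernel" or "coredump"
    fault_addr: Optional[int]  # faulting address when the kernel reported one

def find_swfdump_crashes(lines, process: str = "swfdump") -> List[CrashEvent]:
    """Return one CrashEvent per log line that records a crash of `process`."""
    events = []
    for line in lines:
        m = KERNEL_SEGFAULT.search(line)
        if m and m.group("proc") == process:
            events.append(CrashEvent(int(m.group("pid")), "kernel", int(m.group("addr"), 16)))
            continue
        m = COREDUMP.search(line)
        if m and m.group("proc") == process:
            events.append(CrashEvent(int(m.group("pid")), "coredump", None))
    return events

def looks_like_null_deref(ev: CrashEvent) -> bool:
    """A fault inside the first page of memory is the usual signature of a NULL dereference."""
    return ev.fault_addr is not None and ev.fault_addr < 0x1000

def is_segv_exit(status: int) -> bool:
    """Shell-style exit status 139 means the process was killed by SIGSEGV (128 + 11)."""
    return status == 128 + 11

# Constructed sample log lines (not from a real incident).
SAMPLE_LOG = [
    "Mar 14 10:02:11 host kernel: swfdump[4242]: segfault at 0 ip 000055d1c3a1f2b0 sp 00007ffd1c0e4d10 error 4 in swfdump[55d1c3a00000+3b000]",
    "Mar 14 10:02:11 host systemd-coredump[4243]: Process 4242 (swfdump) of user 1000 dumped core.",
    "Mar 14 10:02:12 host kernel: firefox[1337]: segfault at 10 ip 00007f0d2e1a0000 sp 00007ffd00000000 error 4 in libxul.so[7f0d2e000000+6000000]",
    "Mar 14 10:03:00 host sshd[900]: Accepted publickey for alice from 10.0.0.5 port 51234",
]

if __name__ == "__main__":
    for ev in find_swfdump_crashes(SAMPLE_LOG):
        print(ev, "possible NULL deref" if looks_like_null_deref(ev) else "")
```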
