CVE-2022-35095: n/a in n/a
SWFTools commit 772e55a2 was discovered to contain a segmentation violation via InfoOutputDev::type3D1 at /pdf/InfoOutputDev.cc.
AI Analysis
Technical Summary
CVE-2022-35095 is a medium-severity vulnerability identified in SWFTools, specifically related to a segmentation violation occurring in the function InfoOutputDev::type3D1 within the source file /pdf/InfoOutputDev.cc. This vulnerability is classified under CWE-787, which corresponds to out-of-bounds write errors, indicating that the software attempts to write data outside the boundaries of allocated memory. Such memory corruption issues can lead to application crashes or potentially be leveraged to execute arbitrary code, although in this case, the CVSS vector indicates no impact on confidentiality or integrity, only availability.

The CVSS 3.1 base score is 5.5, reflecting a medium severity level. The attack vector is local (AV:L), meaning an attacker must have local access to the system to exploit the vulnerability. The attack complexity is low (AC:L), no privileges are required (PR:N), but user interaction is required (UI:R), and the scope remains unchanged (S:U). The impact is limited to availability (A:H), indicating that exploitation can cause denial of service by crashing the application.

No known exploits are reported in the wild, and no patches or vendor information are currently available. The vulnerability was published on September 23, 2022, and is associated with a specific commit (772e55a2) in the SWFTools project. SWFTools is a collection of utilities for working with Adobe Flash files and PDF documents, often used in document processing workflows.
Potential Impact
For European organizations, the primary impact of CVE-2022-35095 is the potential disruption of services relying on SWFTools for PDF or Flash file processing. Since the vulnerability can cause application crashes via a segmentation fault, it may lead to denial of service conditions, affecting availability of document processing pipelines. This could impact sectors such as publishing, digital media, legal, and governmental agencies that utilize SWFTools in their workflows. However, the local attack vector and requirement for user interaction limit the risk of remote exploitation. The absence of confidentiality or integrity impact reduces the risk of data breaches or unauthorized data manipulation. Nonetheless, denial of service in critical document processing systems could delay operations and cause productivity losses. Organizations using SWFTools on local machines or servers should be aware of this vulnerability, especially if untrusted or maliciously crafted PDF files are processed by users, as this could trigger the crash.
Mitigation Recommendations
Given the lack of an official patch or vendor guidance, European organizations should implement the following specific mitigations:
1) Restrict local access to systems running SWFTools to trusted users only, minimizing the risk of local exploitation.
2) Implement strict file validation and scanning to detect and block malformed or suspicious PDF files before processing with SWFTools.
3) Employ application sandboxing or containerization to isolate SWFTools processes, limiting the impact of potential crashes on the broader system.
4) Monitor logs and system behavior for signs of crashes or abnormal terminations related to SWFTools usage.
5) Consider replacing SWFTools with alternative, actively maintained PDF processing tools that do not exhibit this vulnerability.
6) Educate users about the risk of opening untrusted PDF or Flash files locally, emphasizing cautious handling to prevent triggering the vulnerability.
7) Stay updated with SWFTools project communications for any forthcoming patches or security advisories.
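Mitigations 3 and 4 above (isolating the process and watching for abnormal termination) can be combined in a small job wrapper. This is an added example, not code from SWFTools or from this advisory; `run_isolated`, its limits and its result fields are hypothetical, and the converter command line is supplied by the caller.

```python
import resource
import signal
import subprocess
import sys


def _cap(res, value):
    """Lower one rlimit in the child, never above the inherited hard limit."""
    _, hard = resource.getrlimit(res)
    if hard != resource.RLIM_INFINITY:
        value = min(value, hard)
    resource.setrlimit(res, (value, value))


def run_isolated(argv, timeout=30, cpu_seconds=20, mem_bytes=2 << 30):
    """Run one conversion job in a capped child and classify how it ended.

    argv is the converter command line chosen by the caller (assumption:
    this example does not hard-code any SWFTools binary or flag).
    """
    def limits():
        _cap(resource.RLIMIT_CPU, cpu_seconds)  # stop runaway parsing
        _cap(resource.RLIMIT_AS, mem_bytes)     # bound the address space
        _cap(resource.RLIMIT_CORE, 0)           # no core dumps of documents

    try:
        proc = subprocess.run(argv, stdin=subprocess.DEVNULL,
                              stdout=subprocess.DEVNULL,
                              stderr=subprocess.DEVNULL,
                              timeout=timeout, preexec_fn=limits)
    except subprocess.TimeoutExpired:
        return {"status": "timeout", "signal": None}
    if proc.returncode < 0:
        # Negative return code: the child was killed by a signal (e.g. SIGSEGV).
        return {"status": "crashed",
                "signal": signal.Signals(-proc.returncode).name}
    status = "ok" if proc.returncode == 0 else "error"
    return {"status": status, "signal": None}


if __name__ == "__main__":
    # Usage: python run_isolated.py <converter> <args...>
    result = run_isolated(sys.argv[1:])
    print(result)
    # Non-zero exit lets the calling pipeline quarantine the input file.
    sys.exit(0 if result["status"] == "ok" else 1)
```

A `crashed` result with `SIGSEGV` is the signal to log the job and set the input file aside for review rather than retrying it.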
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Poland, Belgium, Sweden, Austria
Technical Details
- Data Version: 5.1
- Assigner Short Name: mitre
- Date Reserved: 2022-07-04T00:00:00.000Z
- Cisa Enriched: true
- Cvss Version: 3.1
- State: PUBLISHED
Threat ID: 68308f330acd01a249273ca6
Added to database: 5/23/2025, 3:07:31 PM
Last enriched: 7/8/2025, 10:58:25 PM
Last updated: 2/7/2026, 8:24:34 AM