|
|
CVE Reference: CVE-2007-2500 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-2500 |
|
|
Description: server/parser/sprite_definition.cpp in GNU Gnash (aka GNU Flash Player) 0.7.2 allows remote attackers to execute arbitrary code via a large number of SHOWFRAME elements within a DEFINESPRITE element, which triggers memory corruption and enables the attacker to call free with an arbitrary address, probably resultant from a buffer overflow. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/34148 SUSE http://www.novell.com/linux/security/advisories/2007_13_sr.html ST 1018041 SAID Secunia Advisory: SA25787 OSVDB 37273 MISC http://savannah.gnu.org/bugs/?19774 BID 23765 |
|
| Return to the previous page. |
