Public bug reported:
Binary package hint: gnash
"server/parser/sprite_definition.cpp in GNU Gnash (aka GNU Flash
Player) 0.7.2 allows remote attackers to execute arbitrary code via a
large number of SHOWFRAME elements within a DEFINESPRITE element,
which triggers memory corruption and enables the attacker to call free
with an arbitrary address, probably resultant from a buffer overflow."
Only Feisty is affected. I'm preparing a debdiff now.
** Affects: gnash (Ubuntu)
Importance: Undecided
Status: Invalid
** Affects: gnash (Ubuntu Feisty)
Importance: High
Assignee: William Grant
Status: In Progress
** Visibility changed to: Public
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2007-2500
** Changed in: gnash (Ubuntu)
Status: New => Invalid
** Changed in: gnash (Ubuntu Feisty)
Importance: Undecided => High
Assignee: (unassigned) => William Grant
Status: New => In Progress
--
CVE-2007-2500: memory corruption vulnerability in gnash
https://bugs.launchpad.net/bugs/130091
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
