Computer Security
[EN] no-pyccku

GNU Gnash Flash Player array overflow
SecurityVulns ID:7692
Threat Level:
Description:Array overflow on large number of SHOWFRAME elements within DEFINESPRITE.
Affected:GNU : Gnash 0.7
CVE:CVE-2007-2500 (server/parser/sprite_definition.cpp in GNU Gnash (aka GNU Flash Player) 0.7.2 allows remote attackers to execute arbitrary code via a large number of SHOWFRAME elements within a DEFINESPRITE element, which triggers memory corruption and enables the attacker to call free with an arbitrary address, probably resultant from a buffer overflow.)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod