REDHAT-BUG-803443: Buffer Overflow
First published: Wed Mar 14 2012(Updated: )
It was reported [1] that an integer overflow in GNU Gnash's GnashImage::size() method could be exploited to cause a heap-based buffer overflow when opening certain specially-crafted SWF files. If a user were tricked into opening a malicious SWF file it cause cause Gnash to crash or, possibly, execute arbitrary code with the permissions of the user running Gnash. The flaw was reported in 0.8.10 and is fixed in git [2]. [1] <a href="http://secunia.com/advisories/47183">http://secunia.com/advisories/47183</a> [2] <a href="http://git.savannah.gnu.org/cgit/gnash.git/commit/?id=bb4dc77eecb6ed1b967e3ecbce3dac6c5e6f1527">http://git.savannah.gnu.org/cgit/gnash.git/commit/?id=bb4dc77eecb6ed1b967e3ecbce3dac6c5e6f1527</a>
| Affected Software | Affected Version | How to fix |
|---|---|---|
| GNU Gnash | =0.8.10 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/weakness
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2012-1175
- agent/severity
- agent/references
- agent/description
- agent/event
- agent/trending
- agent/source
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/gnu
- canonical/gnu gnash