CVE

Id
25857  
CVE No.
CVE-2007-2500  
Status
Candidate  
Description
server/parser/sprite_definition.cpp in GNU Gnash (aka GNU Flash Player) 0.7.2 allows remote attackers to execute arbitrary code via a large number of SHOWFRAME elements within a DEFINESPRITE element, which triggers memory corruption and enables the attacker to call free with an arbitrary address, probably resultant from a buffer overflow.  
Phase
Assigned (20070503)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
259520 25857 CVE-2007-2500 MISC:http://savannah.gnu.org/bugs/?19774  View
259521 25857 CVE-2007-2500 SUSE:SUSE-SR:2007:013  View
259522 25857 CVE-2007-2500 URL:http://www.novell.com/linux/security/advisories/2007_13_sr.html  View
259523 25857 CVE-2007-2500 BID:23765  View
259524 25857 CVE-2007-2500 URL:http://www.securityfocus.com/bid/23765  View
259525 25857 CVE-2007-2500 VUPEN:ADV-2007-1688  View
259526 25857 CVE-2007-2500 URL:http://www.vupen.com/english/advisories/2007/1688  View
259527 25857 CVE-2007-2500 OSVDB:37273  View
259528 25857 CVE-2007-2500 URL:http://osvdb.org/37273  View
259529 25857 CVE-2007-2500 SECTRACK:1018041  View
259530 25857 CVE-2007-2500 URL:http://www.securitytracker.com/id?1018041  View
259531 25857 CVE-2007-2500 SECUNIA:25787  View
259532 25857 CVE-2007-2500 URL:http://secunia.com/advisories/25787  View
259533 25857 CVE-2007-2500 XF:gnuflash-sprite-code-execution(34148)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
55113 JVNDB-2007-003805 HP ProCurve 9300m シリーズスイッチにおけるサービス運用妨害 (DoS) の脆弱性 HP ProCurve 9300m シリーズスイッチには、サービス運用妨害 (DoS) 状態となる脆弱性が存在します。 CVE-2007-2502 25857 7.8 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-003805.html  View