CVE-2012-1175

Priority: Medium
Description
Integer overflow in the GnashImage::size method in libbase/GnashImage.h in
GNU Gnash 0.8.10 allows remote attackers to cause a denial of service
(crash) and possibly execute arbitrary code via a crafted SWF file, which
triggers a heap-based buffer overflow.
References
Bugs
Package
Source: gnash (LP Ubuntu Debian)
Upstream: released (0.8.10-5)
Ubuntu 8.04 LTS (Hardy Heron): ignored (reached end-of-life)
Ubuntu 10.04 LTS (Lucid Lynx): needed
Ubuntu 11.10 (Oneiric Ocelot): ignored (reached end-of-life)
Ubuntu 12.04 LTS (Precise Pangolin): not-affected (0.8.10-5ubuntu1)
Ubuntu 12.10 (Quantal Quetzal): not-affected (0.8.10-6ubuntu1)
Ubuntu 13.04 (Raring Ringtail): not-affected (0.8.10-6ubuntu1)
Ubuntu 13.10 (Saucy Salamander): not-affected (0.8.10-6ubuntu1)
Patches:
Patch: http://git.savannah.gnu.org/cgit/gnash.git/commit/?id=bb4dc77eecb6ed1b967e3ecbce3dac6c5e6f1527

Updated: 2013-05-09 15:16:18 UTC (commit 6824)