PublicDate: 2007-05-04 00:19:00 UTC
Candidate: CVE-2007-2500
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2500
Description:
 server/parser/sprite_definition.cpp in GNU Gnash (aka GNU Flash Player)
 0.7.2 allows remote attackers to execute arbitrary code via a large number
 of SHOWFRAME elements within a DEFINESPRITE element, which triggers memory
 corruption and enables the attacker to call free with an arbitrary address,
 probably resultant from a buffer overflow.
Ubuntu-Description:
Notes:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:

Bugs:
dapper_gnash: DNE
edgy_gnash: DNE
feisty_gnash: released (0.7.2-1ubuntu0.1)
gutsy_gnash: released (0.7.2+cvs20070518.1557-1)
devel_gnash: released (0.7.2+cvs20070518.1557-1)
upstream_gnash: needs-triage