Candidate: CVE-2012-1175
PublicDate: 2012-08-26 20:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1175
 http://www.openwall.com/lists/oss-security/2012/03/14/5
Description:
 Integer overflow in the GnashImage::size method in libbase/GnashImage.h in
 GNU Gnash 0.8.10 allows remote attackers to cause a denial of service
 (crash) and possibly execute arbitrary code via a crafted SWF file, which
 triggers a heap-based buffer overflow.
Ubuntu-Description:
Notes:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=664023
 https://bugzilla.redhat.com/show_bug.cgi?id=803443
Priority: medium
Discovered-by:
Assigned-to:
CVSS:

Patches_gnash:
 other: http://git.savannah.gnu.org/cgit/gnash.git/commit/?id=bb4dc77eecb6ed1b967e3ecbce3dac6c5e6f1527
upstream_gnash: released (0.8.10-5)
hardy_gnash: ignored (reached end-of-life)
lucid_gnash: ignored (reached end-of-life)
maverick_gnash: ignored (reached end-of-life)
natty_gnash: ignored (reached end-of-life)
oneiric_gnash: ignored (reached end-of-life)
precise_gnash: not-affected (0.8.10-5ubuntu1)
quantal_gnash: not-affected (0.8.10-6ubuntu1)
raring_gnash: not-affected (0.8.10-6ubuntu1)
saucy_gnash: not-affected (0.8.10-6ubuntu1)
devel_gnash: not-affected (0.8.10-6ubuntu1)