Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnash vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2011-4328
plugin/npapi/plugin.cpp in Gnash prior to 0.8.10 uses weak permissions (world readable) for cookie files with predictable names in /tmp, which allows local users to obtain sensitive information.
Gnu Gnash 0.8.7
Gnu Gnash 0.8.9
Gnu Gnash
Gnu Gnash 0.8.5
Gnu Gnash 0.8.8
6.8
CVSSv2
CVE-2012-1175
Integer overflow in the GnashImage::size method in libbase/GnashImage.h in GNU Gnash 0.8.10 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SWF file, which triggers a heap-based buffer overflow.
Gnu Gnash 0.8.10
3.3
CVSSv2
CVE-2010-4337
The configure script in gnash 0.8.8 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/gnash-configure-errors.$$, (2) /tmp/gnash-configure-warnings.$$, or (3) /tmp/gnash-configure-recommended.$$ files.
Gnu Gnash 0.8.8
10
CVSSv2
CVE-2007-2500
server/parser/sprite_definition.cpp in GNU Gnash (aka GNU Flash Player) 0.7.2 allows remote malicious users to execute arbitrary code via a large number of SHOWFRAME elements within a DEFINESPRITE element, which triggers memory corruption and enables the malicious user to call fr...
Gnu Flash Player
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started