Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
10
CVSSv2

CVE-2007-2500

Published: 04/05/2007 Updated: 29/07/2017
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 890
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Gnu

Vulnerability Summary

server/parser/sprite_definition.cpp in GNU Gnash (aka GNU Flash Player) 0.7.2 allows remote malicious users to execute arbitrary code via a large number of SHOWFRAME elements within a DEFINESPRITE element, which triggers memory corruption and enables the malicious user to call free with an arbitrary address, probably resultant from a buffer overflow.

Vulnerable Product Search on Vulmon Subscribe to Product

gnu flash player

Vendor Advisories

Debian CVElist Bug Report Logs: CVE-2007-2500: memory corruption vulnerability in gnash
Debian Bug report logs - #423433 CVE-2007-2500: memory corruption vulnerability in gnash Package: gnash; Maintainer for gnash is Debian Flash Team <pkg-flash-devel@listsaliothdebianorg>; Source for gnash is src:gnash (PTS, buildd, popcon) Reported by: Stefan Fritsch <sf@sfritschde> Date: Fri, 11 May 2007 19:39:02 ...

References

NVD-CWE-Otherhttp://savannah.gnu.org/bugs/?19774http://www.securityfocus.com/bid/23765http://www.securitytracker.com/id?1018041http://www.novell.com/linux/security/advisories/2007_13_sr.htmlhttp://secunia.com/advisories/25787http://osvdb.org/37273http://www.vupen.com/english/advisories/2007/1688https://exchange.xforce.ibmcloud.com/vulnerabilities/34148https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=423433https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionSSRFbuffer overflowCVE-2023-28952CVE-2023-41822CVE-2024-27956CVE-2023-7028CVE-2024-34447CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook