From the oss-sec mailing list at $URL: An integer overflow leading to a heap-based buffer overflow was found and fixed in Gnash. Could a CVE be assigned to this flaw? References: http://git.savannah.gnu.org/cgit/gnash.git/commit/?id=bb4dc77eecb6ed1b967e3ecbce3dac6c5e6f1527 http://secunia.com/advisories/47183 https://bugzilla.redhat.com/show_bug.cgi?id=803443
The patch for this security bug was applied in 0.8.10-r2. Arches, please stabilize www-plugins/gnash-0.8.10-r2 Target keywords: amd64 ppc ~ppc64 ~sparc x86
amd64 stable
x86 stable
ppc stable.
Whoops it is security bug, repening.
This issue was resolved and addressed in GLSA 201207-08 at http://security.gentoo.org/glsa/glsa-201207-08.xml by GLSA coordinator Sean Amoss (ackle).
CVE-2012-1175 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1175): Integer overflow in the GnashImage::size method in libbase/GnashImage.h in GNU Gnash 0.8.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SWF file, which triggers a heap-based buffer overflow.