Gnash: Multiple vulnerabilities
1.
Gentoo Linux Security Advisory
Version Information
| Advisory Reference |
GLSA 201207-08 / Gnash |
| Release Date |
July 09, 2012 |
| Latest Revision |
July 09, 2012: 1 |
| Impact |
normal |
| Exploitable |
local, remote |
| Package |
Vulnerable versions |
Unaffected versions |
Architecture(s) |
| www-plugins/gnash |
<
0.8.10-r2 |
>=
0.8.10-r2 |
All supported architectures
|
Related bugreports:
#391283, #408209
Synopsis
Multiple vulnerabilities have been found in Gnash which could
result in execution of arbitrary code, Denial of Service, or information
disclosure.
2.
Impact Information
Background
Gnash is a GNU flash movie player that supports many SWF features.
Description
Multiple vulnerabilities have been found in Gnash:
- The "nsPluginInstance::setupCookies()" function in plugin.cpp creates
world-readable cookies with predictable file names (CVE-2011-4328).
- The "GnashImage::size()" function in GnashImage.h contains an integer
overflow error which could cause a heap-based buffer overflow
(CVE-2012-1175).
Impact
A remote attacker could entice a user to open a specially crafted SWF
file, possibly resulting in execution of arbitrary code or a Denial of
Service condition. Furthermore, a local attacker may be able to obtain
sensitive information.
3.
Resolution Information
Workaround
There is no known workaround at this time.
Resolution
All Gnash users should upgrade to the latest version:
Code Listing 3.1: Resolution |
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-plugins/gnash-0.8.10-r2"
|
4.
References
|
