Lucene search

[email protected]CVE-2012-1175

HistoryAug 26, 2012 - 8:55 p.m.

CVE-2012-1175

2012-08-2620:55:00

CWE-189

[email protected]

web.nvd.nist.gov

security

integer overflow

denial of service

buffer overflow

code execution

swf

vulnerability

7.6 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.034 Low

EPSS

Percentile

91.4%

JSON

Integer overflow in the GnashImage::size method in libbase/GnashImage.h in GNU Gnash 0.8.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SWF file, which triggers a heap-based buffer overflow.

CPENameOperatorVersion
gnu:gnashgnu gnasheq0.8.10

CPE	Name	Operator	Version
gnu:gnash	gnu gnash	eq	0.8.10

References

git.savannah.gnu.org/cgit/gnash.git/commit/?id=bb4dc77eecb6ed1b967e3ecbce3dac6c5e6f1527

secunia.com/advisories/47183

secunia.com/advisories/48466

www.debian.org/security/2012/dsa-2435

www.openwall.com/lists/oss-security/2012/03/14/5

www.openwall.com/lists/oss-security/2012/03/14/6

www.securityfocus.com/bid/52446

bugzilla.redhat.com/show_bug.cgi?id=803443

7.6 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.034 Low

EPSS

Percentile

91.4%

JSON

Related for CVE-2012-1175

nessus6 fedora4 openvas10 cvelist1 ubuntucve1 prion1 debiancve1 debian2 gentoo1 securityvulns2 osv1