CVE-2007-2500

Name of the Vulnerable Software and Affected Versions GNU Gnash versions 0.7.2

Description The issue allows remote attackers to execute arbitrary code via a large number of SHOWFRAME elements within a DEFINESPRITE element. This triggers memory corruption, enabling the attacker to call free with an arbitrary address, likely resultant from a buffer overflow.

Recommendations For GNU Gnash version 0.7.2, at the moment, there is no information about a newer version that contains a fix for this vulnerability.