CVE-2007-6277

🗓️ 07 Dec 2007 11:00:00Reported by mitreType

cve🔗 web.nvd.nist.gov📰️ 4 Media mentions👁 54 Views

Multiple buffer overflows in Free Lossless Audio Codec libFLAC before 1.2.1 allow remote attackers to execute arbitrary code via .FLAC file

Reporter	Title	Published	Views	Family All 21
Tenable Nessus	CentOS 4 / 5 : flac (CESA-2007:0975)	25 Oct 200700:00	–	nessus
Tenable Nessus	Debian DSA-1469-1 : flac - several vulnerabilities	27 Jan 200800:00	–	nessus
Tenable Nessus	Oracle Linux 5 : Important: / flac (ELSA-2007-0975)	12 Jul 201300:00	–	nessus
Tenable Nessus	RHEL 4 / 5 : flac (RHSA-2007:0975)	25 Oct 200700:00	–	nessus
Cent OS	flac, xmms security update	22 Oct 200719:52	–	centos
Cvelist	CVE-2007-6277	7 Dec 200711:00	–	cvelist
Debian	[SECURITY] [DSA 1469-1] New flac packages fix arbitrary code execution	20 Jan 200815:43	–	debian
Debian CVE	CVE-2007-6277	7 Dec 200711:00	–	debiancve
Oracle linux	Important: flac security update	22 Oct 200700:00	–	oraclelinux
NVD	CVE-2007-6277	7 Dec 200711:46	–	nvd

NVD

Node

flac libflacRange≤1.2

Source	Link
kb	www.kb.cert.org/vuls/id/544656
research	www.research.eeye.com/html/advisories/published/AD20071115.html
securitytracker	www.securitytracker.com/id
debian	www.debian.org/security/2008/dsa-1469
securityfocus	www.securityfocus.com/archive/1/483765/100/200/threaded
securityreason	www.securityreason.com/securityalert/3423
secunia	www.secunia.com/advisories/28548
oval	www.oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10435

23 Apr 2026 00:35Current

7.4High risk

Vulners AI Score7.4

CVSS 29.3

EPSS0.18116