Lucene search
HistoryDec 07, 2007 - 11:46 a.m.
CVE-2007-6278
flac
libflac
remote attackers
file download
cve-2007-6278
6.9 Medium
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.019 Low
EPSS
Percentile
88.4%
Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1 allows user-assisted remote attackers to force a client to download arbitrary files via the MIME-Type URL flag (–>) for the FLAC image file in a crafted .FLAC file.
| CPE | Name | Operator | Version |
|---|---|---|---|
| flac:libflac | flac libflac | le | 1.2 |
Related
prion
prion
Design/Logic Flaw
2007-12-07 11:46:00
cvelist
cvelist
CVE-2007-6278
2007-12-07 11:00:00
debiancve
debiancve
CVE-2007-6278
2007-12-07 11:46:00
ubuntucve
ubuntucve
CVE-2007-6278
2007-12-07 00:00:00
6.9 Medium
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.019 Low
EPSS
Percentile
88.4%
Related for CVE-2007-6278