Lucene search
K

850 matches found

Fedora
Fedora
added 2007/11/01 9:22 p.m.17 views

[SECURITY] Fedora 7 Update: flac-1.2.1-1.fc7

FLAC stands for Free Lossless Audio Codec. Grossly oversimplified, FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, flac, a command-line program to encode and decode FLAC files, metaflac, a command-line...

9.3CVSS4.1AI score0.06748EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/10/25 12:0 a.m.27 views

CentOS 4 / 5 : flac (CESA-2007:0975)

An updated flac package to correct a security issue is now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. FLAC is a Free Lossless Audio Codec. The flac package consists of a FLAC encoder and...

9.3CVSS5.8AI score0.06748EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2007/10/25 12:0 a.m.28 views

RHEL 4 / 5 : flac (RHSA-2007:0975)

An updated flac package to correct a security issue is now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. FLAC is a Free Lossless Audio Codec. The flac package consists of a FLAC encoder and...

9.3CVSS5.8AI score0.06748EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2007/10/24 12:0 a.m.24 views

openSUSE 10 Security Update : flac (flac-4571)

Multiple integer overflows in flac could potentially be exploited by attackers via specially crafted files to execute code in the context of the user opening the file CVE-2007-4619. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

9.3CVSS5.6AI score0.06748EPSS
Exploits0References1
Cent OS
Cent OS
added 2007/10/22 7:52 p.m.65 views

flac, xmms security update

CentOS Errata and Security Advisory CESA-2007:0975 An updated flac package to correct a security issue is now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. FLAC is a Free Lossless Audio Codec...

9.3CVSS5.7AI score0.06748EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2007/10/22 3:46 p.m.9 views

FLAC Integer overflows

Multiple integer overflows in Free Lossless Audio Codec FLAC libFLAC before 1.2.1, as used in Winamp before 5.5 and other products, allow user-assisted remote attackers to execute arbitrary code via a malformed FLAC file that triggers improper memory allocation, resulting in a heap-based buffer...

9.3CVSS6.6AI score0.06748EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2007/10/22 3:46 p.m.6 views

libflac: Multiple security issues fixed in 1.2.1

Multiple buffer overflows in Free Lossless Audio Codec FLAC libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via large 1 Metadata Block Size, 2 VORBIS Comment String Size, 3 Picture Metadata MIME-TYPE Size, 4 Picture Description Size, 5 Picture Data Length, 6...

9.3CVSS6.6AI score0.06742EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2007/10/22 3:46 p.m.31 views

Important: Red Hat Security Advisory: flac security update

An updated flac package to correct a security issue is now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. FLAC is a Free Lossless Audio Codec. The flac package consists of a FLAC encoder and...

9.3CVSS5.7AI score0.06748EPSS
Exploits0References2
Oracle linux
Oracle linux
added 2007/10/22 12:0 a.m.31 views

Important: flac security update

1.1.0-7.el4.2 - Add RHEL-5 patch to remove execstack requirement Related: rhbz 332591 1.1.0-7.el4.1 - Add patch from Takashi Iwai to fix CVE-2007-4619 Resolves: rhbz 332591...

9.3CVSS2.9AI score0.06748EPSS
Exploits0
securityvulns
securityvulns
added 2007/10/13 12:0 a.m.30 views

libFlac / WinAMP multiple integer overflows

Multiple integer overflows on FLAC sound format parsing...

4.6AI score
Exploits0References1Affected Software2
securityvulns
securityvulns
added 2007/10/13 12:0 a.m.48 views

iDefense Security Advisory 10.11.07: Multiple Vendor FLAC Library Multiple Integer Overflow Vulnerabilities

Multiple Vendor FLAC Library Multiple Integer Overflow Vulnerabilities iDefense Security Advisory 10.11.07 http://labs.idefense.com/intelligence/vulnerabilities/ Oct 11, 2007 I. BACKGROUND Free Lossless Audio Codec FLAC is a popular file format for audio data compression. AOL Corp.'s Winamp media...

9.3CVSS1.4AI score0.06748EPSS
Exploits0
NVD
NVD
added 2007/10/12 9:17 p.m.15 views

CVE-2007-4619

Multiple integer overflows in Free Lossless Audio Codec FLAC libFLAC before 1.2.1, as used in Winamp before 5.5 and other products, allow user-assisted remote attackers to execute arbitrary code via a malformed FLAC file that triggers improper memory allocation, resulting in a heap-based buffer...

9.3CVSS7.4AI score0.06748EPSS
Exploits0References31
Prion
Prion
added 2007/10/12 9:17 p.m.16 views

Integer overflow

Multiple integer overflows in Free Lossless Audio Codec FLAC libFLAC before 1.2.1, as used in Winamp before 5.5 and other products, allow user-assisted remote attackers to execute arbitrary code via a malformed FLAC file that triggers improper memory allocation, resulting in a heap-based buffer...

9.3CVSS7.6AI score0.06748EPSS
Exploits0References31Affected Software2
OSV
OSV
added 2007/10/12 9:17 p.m.1 views

DEBIAN-CVE-2007-4619

Multiple integer overflows in Free Lossless Audio Codec FLAC libFLAC before 1.2.1, as used in Winamp before 5.5 and other products, allow user-assisted remote attackers to execute arbitrary code via a malformed FLAC file that triggers improper memory allocation, resulting in a heap-based buffer...

9.3CVSS8.2AI score0.06748EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2007/10/12 9:0 p.m.14 views

CVE-2007-4619

Multiple integer overflows in Free Lossless Audio Codec FLAC libFLAC before 1.2.1, as used in Winamp before 5.5 and other products, allow user-assisted remote attackers to execute arbitrary code via a malformed FLAC file that triggers improper memory allocation, resulting in a heap-based buffer...

9.3CVSS7.5AI score0.06748EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/10/09 12:0 a.m.23 views

GLSA-200710-04 : libsndfile: Buffer overflow

The remote host is affected by the vulnerability described in GLSA-200710-04 libsndfile: Buffer overflow Robert Buchholz of the Gentoo Security team discovered that the flacbuffercopy function does not correctly handle FLAC streams with variable block sizes which leads to a heap-based buffer...

7.5CVSS8.4AI score0.04488EPSS
Exploits0References2
Gentoo Linux
Gentoo Linux
added 2007/10/07 12:0 a.m.26 views

libsndfile: Buffer overflow

Background libsndfile is a library for reading and writing various formats of audio files including WAV and FLAC. Description Robert Buchholz of the Gentoo Security team discovered that the flacbuffercopy function does not correctly handle FLAC streams with variable block sizes which leads to a...

7.5CVSS7.2AI score0.04488EPSS
Exploits0
Ubuntu
Ubuntu
added 2007/10/04 9:34 p.m.83 views

USN-525-1: libsndfile vulnerability

Robert Buchholz discovered that libsndfile did not correctly validate the size of its memory buffers. If a user were tricked into playing a specially crafted FLAC file, a remote attacker could execute arbitrary code with user privileges...

7.5CVSS8.4AI score0.04488EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/10/03 12:0 a.m.26 views

Mandrake Linux Security Advisory : libsndfile (MDKSA-2007:191)

A heap-based buffer overflow in libsndfile could allow remote attackers to execute arbitrary code via a FLAC file with crafted PCM data which contains a block with a size exceeding that of the previous block. Updated packages have been patched to prevent this issue. %NASLMINLEVEL 70300 C Tenable...

7.5CVSS8.5AI score0.04488EPSS
Exploits0References1
NVD
NVD
added 2007/09/19 5:17 p.m.17 views

CVE-2007-4974

Heap-based buffer overflow in the flacbuffercopy function in libsndfile 1.0.17 and earlier might allow remote attackers to execute arbitrary code via a FLAC file with crafted PCM data containing a block with a size that exceeds the previous block size...

7.5CVSS7.8AI score0.04488EPSS
Exploits0References17
Rows per page
Query Builder