850 matches found
[SECURITY] Fedora 7 Update: flac-1.2.1-1.fc7
FLAC stands for Free Lossless Audio Codec. Grossly oversimplified, FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, flac, a command-line program to encode and decode FLAC files, metaflac, a command-line...
CentOS 4 / 5 : flac (CESA-2007:0975)
An updated flac package to correct a security issue is now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. FLAC is a Free Lossless Audio Codec. The flac package consists of a FLAC encoder and...
RHEL 4 / 5 : flac (RHSA-2007:0975)
An updated flac package to correct a security issue is now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. FLAC is a Free Lossless Audio Codec. The flac package consists of a FLAC encoder and...
openSUSE 10 Security Update : flac (flac-4571)
Multiple integer overflows in flac could potentially be exploited by attackers via specially crafted files to execute code in the context of the user opening the file CVE-2007-4619. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
flac, xmms security update
CentOS Errata and Security Advisory CESA-2007:0975 An updated flac package to correct a security issue is now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. FLAC is a Free Lossless Audio Codec...
FLAC Integer overflows
Multiple integer overflows in Free Lossless Audio Codec FLAC libFLAC before 1.2.1, as used in Winamp before 5.5 and other products, allow user-assisted remote attackers to execute arbitrary code via a malformed FLAC file that triggers improper memory allocation, resulting in a heap-based buffer...
libflac: Multiple security issues fixed in 1.2.1
Multiple buffer overflows in Free Lossless Audio Codec FLAC libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via large 1 Metadata Block Size, 2 VORBIS Comment String Size, 3 Picture Metadata MIME-TYPE Size, 4 Picture Description Size, 5 Picture Data Length, 6...
Important: Red Hat Security Advisory: flac security update
An updated flac package to correct a security issue is now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. FLAC is a Free Lossless Audio Codec. The flac package consists of a FLAC encoder and...
Important: flac security update
1.1.0-7.el4.2 - Add RHEL-5 patch to remove execstack requirement Related: rhbz 332591 1.1.0-7.el4.1 - Add patch from Takashi Iwai to fix CVE-2007-4619 Resolves: rhbz 332591...
libFlac / WinAMP multiple integer overflows
Multiple integer overflows on FLAC sound format parsing...
iDefense Security Advisory 10.11.07: Multiple Vendor FLAC Library Multiple Integer Overflow Vulnerabilities
Multiple Vendor FLAC Library Multiple Integer Overflow Vulnerabilities iDefense Security Advisory 10.11.07 http://labs.idefense.com/intelligence/vulnerabilities/ Oct 11, 2007 I. BACKGROUND Free Lossless Audio Codec FLAC is a popular file format for audio data compression. AOL Corp.'s Winamp media...
CVE-2007-4619
Multiple integer overflows in Free Lossless Audio Codec FLAC libFLAC before 1.2.1, as used in Winamp before 5.5 and other products, allow user-assisted remote attackers to execute arbitrary code via a malformed FLAC file that triggers improper memory allocation, resulting in a heap-based buffer...
Integer overflow
Multiple integer overflows in Free Lossless Audio Codec FLAC libFLAC before 1.2.1, as used in Winamp before 5.5 and other products, allow user-assisted remote attackers to execute arbitrary code via a malformed FLAC file that triggers improper memory allocation, resulting in a heap-based buffer...
DEBIAN-CVE-2007-4619
Multiple integer overflows in Free Lossless Audio Codec FLAC libFLAC before 1.2.1, as used in Winamp before 5.5 and other products, allow user-assisted remote attackers to execute arbitrary code via a malformed FLAC file that triggers improper memory allocation, resulting in a heap-based buffer...
CVE-2007-4619
Multiple integer overflows in Free Lossless Audio Codec FLAC libFLAC before 1.2.1, as used in Winamp before 5.5 and other products, allow user-assisted remote attackers to execute arbitrary code via a malformed FLAC file that triggers improper memory allocation, resulting in a heap-based buffer...
GLSA-200710-04 : libsndfile: Buffer overflow
The remote host is affected by the vulnerability described in GLSA-200710-04 libsndfile: Buffer overflow Robert Buchholz of the Gentoo Security team discovered that the flacbuffercopy function does not correctly handle FLAC streams with variable block sizes which leads to a heap-based buffer...
libsndfile: Buffer overflow
Background libsndfile is a library for reading and writing various formats of audio files including WAV and FLAC. Description Robert Buchholz of the Gentoo Security team discovered that the flacbuffercopy function does not correctly handle FLAC streams with variable block sizes which leads to a...
USN-525-1: libsndfile vulnerability
Robert Buchholz discovered that libsndfile did not correctly validate the size of its memory buffers. If a user were tricked into playing a specially crafted FLAC file, a remote attacker could execute arbitrary code with user privileges...
Mandrake Linux Security Advisory : libsndfile (MDKSA-2007:191)
A heap-based buffer overflow in libsndfile could allow remote attackers to execute arbitrary code via a FLAC file with crafted PCM data which contains a block with a size exceeding that of the previous block. Updated packages have been patched to prevent this issue. %NASLMINLEVEL 70300 C Tenable...
CVE-2007-4974
Heap-based buffer overflow in the flacbuffercopy function in libsndfile 1.0.17 and earlier might allow remote attackers to execute arbitrary code via a FLAC file with crafted PCM data containing a block with a size that exceeds the previous block size...