21 matches found
SUSE CVE-2007-4619
Multiple integer overflows in Free Lossless Audio Codec FLAC libFLAC before 1.2.1, as used in Winamp before 5.5 and other products, allow user-assisted remote attackers to execute arbitrary code via a malformed FLAC file that triggers improper memory allocation, resulting in a heap-based buffer...
Oracle Linux 5 : Important: / flac (ELSA-2007-0975)
The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2007-0975 advisory. 1.1.0-7.el4.2 - Add RHEL-5 patch to remove execstack requirement Related: rhbz 332591 1.1.0-7.el4.1 - Add patch from Takashi Iwai to fix CVE-2007-4619...
Scientific Linux Security Update : flac on SL5.x, SL4.x i386/x86_64
A security flaw was found in the way flac processed audio data. An attacker could create a carefully crafted FLAC audio file in such a way that it could cause an application linked with flac libraries to crash or execute arbitrary code when it was opened. CVE-2007-4619 This update actually went o...
SLES10: Security update for flac
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: flac flac-devel More details may also be found by searching for the SuSE Enterprise Server 10 patch database located at...
SLES10: Security update for flac
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: flac flac-devel More details may also be found by searching for the SuSE Enterprise Server 10 patch database linked in the references. SPDX-FileCopyrightText...
SLES9: Security update for flac
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: flac-devel flac-xmms flac For more information, please visit the referenced security advisories. More details may also be found by searching for keyword...
SuSE9 Security Update : flac (YOU Patch Number 11926)
Multiple integer overflows in flac could potentially be exploited by attackers via specially crafted files to execute code in the context of the user opening the file. CVE-2007-4619 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...
Mandriva Update for flac MDKSA-2007:214 (flac)
Check for the Version of flac OpenVAS Vulnerability Test Mandriva Update for flac MDKSA-2007:214 flac Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
Fedora Update for flac FEDORA-2007-730
Check for the Version of flac OpenVAS Vulnerability Test Fedora Update for flac FEDORA-2007-730 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...
Fedora Update for flac FEDORA-2007-2596
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Gentoo Security Advisory GLSA 200711-15 (flac)
The remote host is missing updates announced in advisory GLSA 200711-15. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 1469-1] New flac packages fix arbitrary code execution
------------------------------------------------------------------------ Debian Security Advisory DSA-1469-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 20, 2008 http://www.debian.org/security/faq -...
SuSE 10 Security Update : flac (ZYPP Patch Number 4569)
Multiple integer overflows in flac could potentially be exploited by attackers via specially crafted files to execute code in the context of the user opening the file. CVE-2007-4619 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...
CVE-2007-6277
Multiple buffer overflows in Free Lossless Audio Codec FLAC libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via large 1 Metadata Block Size, 2 VORBIS Comment String Size, 3 Picture Metadata MIME-TYPE Size, 4 Picture Description Size, 5 Picture Data Length, 6...
Fedora Core 6 : flac-1.1.2-28 (2007-730)
Wed Oct 17 2007 - Bastien Nocera - 1.1.2-28 - Add patch from Takashi Iwai to fix CVE-2007-4619 332581 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...
CentOS 4 / 5 : flac (CESA-2007:0975)
An updated flac package to correct a security issue is now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. FLAC is a Free Lossless Audio Codec. The flac package consists of a FLAC encoder and...
RHEL 4 / 5 : flac (RHSA-2007:0975)
An updated flac package to correct a security issue is now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. FLAC is a Free Lossless Audio Codec. The flac package consists of a FLAC encoder and...
openSUSE 10 Security Update : flac (flac-4571)
Multiple integer overflows in flac could potentially be exploited by attackers via specially crafted files to execute code in the context of the user opening the file CVE-2007-4619. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
Important: flac security update
1.1.0-7.el4.2 - Add RHEL-5 patch to remove execstack requirement Related: rhbz 332591 1.1.0-7.el4.1 - Add patch from Takashi Iwai to fix CVE-2007-4619 Resolves: rhbz 332591...
iDefense Security Advisory 10.11.07: Multiple Vendor FLAC Library Multiple Integer Overflow Vulnerabilities
Multiple Vendor FLAC Library Multiple Integer Overflow Vulnerabilities iDefense Security Advisory 10.11.07 http://labs.idefense.com/intelligence/vulnerabilities/ Oct 11, 2007 I. BACKGROUND Free Lossless Audio Codec FLAC is a popular file format for audio data compression. AOL Corp.'s Winamp media...