3 matches found
[SECURITY] [DSA 1469-1] New flac packages fix arbitrary code execution
------------------------------------------------------------------------ Debian Security Advisory DSA-1469-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 20, 2008 http://www.debian.org/security/faq -...
CVE-2007-6277
The CVE-2007-6277 entry covers multiple heap- and stack-based overflow vulnerabilities in the FLAC library (libFLAC) prior to 1.2.1 that could allow remote code execution when processing specially crafted FLAC files. Connected advisories confirm concrete details: several overflow vectors (heap/st...
CVE-2007-6277
Multiple buffer overflows in Free Lossless Audio Codec FLAC libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via large 1 Metadata Block Size, 2 VORBIS Comment String Size, 3 Picture Metadata MIME-TYPE Size, 4 Picture Description Size, 5 Picture Data Length, 6...