EUVD-2007-3491

Malware in sbrugna...

Fedora Update for flac123 FEDORA-2007-1045

Check for the Version of flac123 OpenVAS Vulnerability Test Fedora Update for flac123 FEDORA-2007-1045 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Fedora Update for flac123 FEDORA-2007-1045

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Gentoo Security Advisory GLSA 200709-06 (flac123)

The remote host is missing updates announced in advisory GLSA 200709-06. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Gentoo Security Advisory GLSA 200709-06 (flac123)

The remote host is missing updates announced in advisory GLSA 200709-06. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

FreeBSD Ports: flac123

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

FreeBSD Ports: flac123

The remote host is missing an update to the system as announced in the referenced advisory. VID 32d38cbb-2632-11dc-94da-0016179b2dd5 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

Fedora 7 : flac123-0.0.11-1.fc7 (2007-1045)

Updates package to 0.0.11, which solves vorbis comment parsing buffer overflow Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

flac123: Buffer overflow

Background flac123 is a command-line application for playing FLAC audio files. Description A possible buffer overflow vulnerability has been reported in the localvcentryparsevalue function in vorbiscomment.c. Impact An attacker could entice a user to play a specially crafted audio file, which cou...

[SECURITY] Fedora 7 Update: flac123-0.0.11-1.fc7

flac123 is a command-line program for playing FLAC audio files FLAC stands for Free Lossless Audio Codec. Grossly oversimplified, FLAC is similar to Ogg Vorbis, but lossless...

Flac123 local__vcentry_parse_values()远程栈溢出漏洞

BUGTRAQ ID: 24712 flac123是用于播放FLAC音频文件的命令行工具。 flac123在处理畸形格式的音频文件时存在漏洞，攻击者可能通过诱使用户打开处理恶意文件来控制用户机器。 flac123的vorbiscomment.c文件中的localvcentryparsevalue函数没有正确地处理超长的 valuelength值，如果用户受骗打开恶意的音频文件的话，就可能在memcpy期间溢出dest缓冲区，导致执行任意指令。 flac-tools flac123 0.0.9 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

CVE-2007-3507

Stack-based buffer overflow in the localvcentryparsevalue function in vorbiscomment.c in flac123 aka flac-tools or flac before 0.0.10 allows user-assisted remote attackers to execute arbitrary code via a large comment valuelength...

CVE-2007-3507

Stack-based buffer overflow in the localvcentryparsevalue function in vorbiscomment.c in flac123 aka flac-tools or flac before 0.0.10 allows user-assisted remote attackers to execute arbitrary code via a large comment valuelength...

CVE-2007-3507

CVE-2007-3507 affects flac123 (aka flac-tools) prior to 0.0.11, due to a stack-based buffer overflow in local__vcentry_parse_value() in vorbiscomment.c. This can allow a user-assisted remote attacker to execute arbitrary code via a crafted Vorbis commentValue_length. Public advisories (Fedora 200...

FreeBSD : flac123 -- stack overflow in comment parsing (32d38cbb-2632-11dc-94da-0016179b2dd5)

isecpartners reports : flac123, also known as flac-tools, is vulnerable to a buffer overflow in vorbis comment parsing. This allows for the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

flac123 0.0.9 - Stack overflow in comment parsing

iSEC Partners Security Advisory - 2007-002-flactools http://www.isecpartners.com -------------------------------------------- flac123 0.0.9 - Stack overflow in comment parsing Vendor URL: http://flac-tools.sourceforge.net/ Severity: High Allows for arbitrary code execution Author: David Thiel...

flac123 -- stack overflow in comment parsing

isecpartners reports: flac123, also known as flac-tools, is vulnerable to a buffer overflow in vorbis comment parsing. This allows for the execution of arbitrary code...