850 matches found
flac: arbitrary code execution
A stack overflow and a heap overflow condition have been found in libFLAC when parsing a maliciously crafted .flac file, which may result in arbitrary code execution...
UBUNTU-CVE-2014-9028
Heap-based buffer overflow in streamdecoder.c in libFLAC before 1.3.1 allows remote attackers to execute arbitrary code via a crafted .flac file...
FreeBSD : flac -- Multiple vulnerabilities (a33addf6-74e6-11e4-a615-f8b156b6dcc8)
Erik de Castro Lopo reports : Google Security Team member, Michele Spagnuolo, recently found two potential problems in the FLAC code base. They are : - CVE-2014-9028: Heap buffer write overflow. - CVE-2014-8962: Heap buffer read overflow. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
flac -- Multiple vulnerabilities
Erik de Castro Lopo reports: Google Security Team member, Michele Spagnuolo, recently found two potential problems in the FLAC code base. They are: CVE-2014-9028: Heap buffer write overflow. CVE-2014-8962: Heap buffer read overflow...
[SECURITY] Fedora 20 Update: qmmp-0.7.7-1.fc20.1
This program is an audio-player, written with help of Qt library. The user interface is similar to winamp or xmms. Main opportunities: Winamp and xmms skins support plugins support Ogg Vorbis support native FLAC support Musepack support WavePack support ModPlug support PCM WAVE support CD Audio...
How To Remove File Metadata
How To Remove File Metadata For those of you who want to remove file metadata from any shared data, you can use existing document or image editor software which typically have built-in metadata editing capability. In this tutorial, we will introduce a standalone metadata cleaner tool which is...
TagScanner 5.1 - Stack Buffer Overflow (PoC)
Title: ====== TagScanner v5.1 - Stack Buffer Overflow Vulnerability Date: ===== 2013-01-22 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=831 VL-ID: ===== 831 Introduction: ============= TagScanner is a multifunction program for organizing and managing your music...
Scientific Linux Security Update : flac on SL5.x, SL4.x i386/x86_64
A security flaw was found in the way flac processed audio data. An attacker could create a carefully crafted FLAC audio file in such a way that it could cause an application linked with flac libraries to crash or execute arbitrary code when it was opened. CVE-2007-4619 This update actually went o...
Fedora Update for taglib FEDORA-2012-4268
Check for the Version of taglib OpenVAS Vulnerability Test Fedora Update for taglib FEDORA-2012-4268 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...
[SECURITY] Fedora 16 Update: taglib-1.7.1-1.fc16
TagLib is a library for reading and editing the meta-data of several popular audio formats. Currently it supports both ID3v1 and ID3v2 for MP3 files, Ogg Vorbis comments and ID3 tags and Vorbis comments in FLAC, MPC, Speex, WavPack, TrueAudio files, as well as APE Tags...
Samsung hires Android hacker Cyanogen
Samsung hires Android hacker Cyanogen Steve 'Cyanogen' Kondik is best known as the creator of the CyanogenMod for Android, an after market customised firmware bringing new features and functionality to the Android platform. There's no information yet on whether Samsung is interested in CyanogenMo...
MDVA-2010:150 : k3b
This updates fixes issues with k3b when ripping CDs with external encoder such as FLAC. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a security fix. Disabled on 2012/09/06. C Tenable Network Security, Inc. This script was automatically...
jetAudio jetCast Title Processing Buffer Overflow Vulnerability
COWON Media Center JetAudio is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2009-4676
Stack-based buffer overflow in JetCast.exe 2.0.4.1109 in jetAudio 7.5.2 and 7.5.3.15 allows remote attackers to execute arbitrary code via a long title in a FLAC file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
Stack overflow
Stack-based buffer overflow in JetCast.exe 2.0.4.1109 in jetAudio 7.5.2 and 7.5.3.15 allows remote attackers to execute arbitrary code via a long title in a FLAC file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2009-4676
CVE-2009-4676 affects JetAudio/Jetaudio JetCast: JetCast.exe 2.0.4.1109 is vulnerable in JetAudio 7.5.2 and 7.5.3.15 due to a stack-based buffer overflow triggered by a long title in a FLAC file. The issue permits remote code execution and is documented with a CVSSv2 base score of 9.3 (NETWORK ve...
Fedora Core 10 FEDORA-2009-11499 (libsndfile)
The remote host is missing an update to libsndfile announced via advisory FEDORA-2009-11499. OpenVAS Vulnerability Test $Id: fcore200911499.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-11499 libsndfile Authors: Thomas Reinke Copyright: Copyright ...
Fedora Core 11 FEDORA-2009-11618 (libsndfile)
The remote host is missing an update to libsndfile announced via advisory FEDORA-2009-11618. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C b...
Fedora 10 : libsndfile-1.0.20-3.fc10 (2009-11499)
Version 1.0.20 2009-03-14 Fix potential heap overflow in VOC file parser Tobias Klein, http://www.trapkit.de/. Version 1.0.19 2009-03-02 Fix for CVE-2009-0186 Alin Rad Pop, Secunia Research. Huge number of minor bug fixes as a result of static analysis. Version 1.0.18 2009-02-07 Add Ogg/Vorbis...
SLES10: Security update for flac
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: flac flac-devel More details may also be found by searching for the SuSE Enterprise Server 10 patch database located at...