Lucene search
+L

851 matches found

CVE
CVE
added 2007/12/07 11:0 a.m.62 views

CVE-2007-6277

The CVE-2007-6277 entry covers multiple heap- and stack-based overflow vulnerabilities in the FLAC library (libFLAC) prior to 1.2.1 that could allow remote code execution when processing specially crafted FLAC files. Connected advisories confirm concrete details: several overflow vectors (heap/st...

9.3CVSS7.4AI score0.06742EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2007/12/07 11:0 a.m.56 views

CVE-2007-6279

Multiple double free vulnerabilities in Free Lossless Audio Codec FLAC libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via malformed 1 Seektable values or 2 Seektable Data Offsets in a .FLAC file...

9.3CVSS7.5AI score0.03979EPSS
Exploits0
CVE
CVE
added 2007/12/07 11:0 a.m.48 views

CVE-2007-6278

CVE-2007-6278 affects the FLAC library (libFLAC) prior to 1.2.1. A crafted .FLAC file can trigger the MIME-Type URL flag in the FLAC image block, allowing a user-assisted remote attacker to cause the client to download arbitrary files. The vulnerability stems from (unexplicit) handling of the ima...

9.3CVSS6.7AI score0.0212EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2007/12/07 11:0 a.m.30 views

CVE-2007-6279

Multiple double free vulnerabilities in Free Lossless Audio Codec FLAC libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via malformed 1 Seektable values or 2 Seektable Data Offsets in a .FLAC file...

7.7AI score0.03979EPSS
Exploits0References5
Cvelist
Cvelist
added 2007/12/07 11:0 a.m.21 views

CVE-2007-6278

Free Lossless Audio Codec FLAC libFLAC before 1.2.1 allows user-assisted remote attackers to force a client to download arbitrary files via the MIME-Type URL flag -- for the FLAC image file in a crafted .FLAC file...

6.6AI score0.0212EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2007/12/07 11:0 a.m.39 views

CVE-2007-6278

Free Lossless Audio Codec FLAC libFLAC before 1.2.1 allows user-assisted remote attackers to force a client to download arbitrary files via the MIME-Type URL flag -- for the FLAC image file in a crafted .FLAC file...

9.3CVSS6.4AI score0.0212EPSS
Exploits0
Debian CVE
Debian CVE
added 2007/12/07 11:0 a.m.43 views

CVE-2007-6277

Multiple buffer overflows in Free Lossless Audio Codec FLAC libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via large 1 Metadata Block Size, 2 VORBIS Comment String Size, 3 Picture Metadata MIME-TYPE Size, 4 Picture Description Size, 5 Picture Data Length, 6...

9.3CVSS7.5AI score0.06742EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2007/11/22 12:0 a.m.9 views

FLAC libFLAC Multiple Buffer Overflows (CVE-2007-4619)

Free Lossless Audio Codec FLAC is a file format designed for audio data compression. LibFLAC is the FLAC project library embedded in various products. A buffer overflow vulnerability has been reported in the FLAC. A remote attacker can exploit this vulnerability via a specially crafted FLAC file...

9.3CVSS7.3AI score0.06748EPSS
Exploits0
securityvulns
securityvulns
added 2007/11/17 12:0 a.m.26 views

libFLAC / WinAMP multiple security vulnerabilities

14 different vulnerabilities exist on FLAC media format files parsing...

4.2AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2007/11/17 12:0 a.m.42 views

EEYE: Multiple Vulnerabilities In .FLAC File Format and Various Media Applications

Multiple Vulnerabilities In .FLAC File Format and Various Media Applications Release Date: November 15, 2007 Date Reported: September 28, 2007 Vendor Reporting Coordination Began With US-CERT Severity: High Remote Code Execution Vendor: Multiple Vendors Systems Affected: Applications with FLAC...

0.4AI score
Exploits0
CERT
CERT
added 2007/11/15 12:0 a.m.26 views

libFLAC contains multiple vulnerabilities

Overview libFLAC contains multiple vulnerabilities, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description FLAC Free Lossless Audio Codec is a lossless audio format. libFLAC is a library that can process FLAC files. libFLAC contains multip...

9.3CVSS6.6AI score0.06748EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2007/11/14 12:0 a.m.23 views

FreeBSD : flac -- media file processing integer overflow vulnerabilities (ff65eecb-91e4-11dc-bd6c-0016179b2dd5)

iDefense Laps reports : Remote exploitation of multiple integer overflow vulnerabilities in libFLAC, as included with various vendor's software distributions, allows attackers to execute arbitrary code in the context of the currently logged in user. These vulnerabilities specifically exist in the...

9.3CVSS6.3AI score0.06748EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2007/11/14 12:0 a.m.25 views

GLSA-200711-15 : FLAC: Buffer overflow

The remote host is affected by the vulnerability described in GLSA-200711-15 FLAC: Buffer overflow Sean de Regge reported multiple integer overflows when processing FLAC media files that could lead to improper memory allocations resulting in heap-based buffer overflows. Impact : A remote attacker...

9.3CVSS6.3AI score0.06748EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2007/11/14 12:0 a.m.22 views

Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : flac vulnerability (USN-540-1)

Sean de Regge discovered that flac did not properly perform bounds checking in many situations. An attacker could send a specially crafted FLAC audio file and execute arbitrary code as the user or cause a denial of service in flac or applications that link against flac. Note that Tenable Network...

9.3CVSS6AI score0.06748EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2007/11/13 7:45 p.m.50 views

USN-540-1: flac vulnerability

Sean de Regge discovered that flac did not properly perform bounds checking in many situations. An attacker could send a specially crafted FLAC audio file and execute arbitrary code as the user or cause a denial of service in flac or applications that link against flac...

9.3CVSS5.8AI score0.06748EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2007/11/12 12:0 a.m.25 views

FLAC: Buffer overflow

Background The Xiph.org Free Lossless Audio Codec FLAC library is the reference implementation of the FLAC audio file format. It contains encoders and decoders in library and executable form. Description Sean de Regge reported multiple integer overflows when processing FLAC media files that could...

9.3CVSS7AI score0.06748EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/11/10 12:0 a.m.23 views

Ubuntu 6.06 LTS / 6.10 / 7.04 : libsndfile vulnerability (USN-525-1)

Robert Buchholz discovered that libsndfile did not correctly validate the size of its memory buffers. If a user were tricked into playing a specially crafted FLAC file, a remote attacker could execute arbitrary code with user privileges. Note that Tenable Network Security has extracted the...

7.5CVSS7.9AI score0.04488EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2007/11/09 12:0 a.m.19 views

Mandrake Linux Security Advisory : flac (MDKSA-2007:214)

A security vulnerability was discovered in how flac processed audio data. An attacker could create a carefully crafted FLAC audio file that could cause an application linked against the flac libraries to crash or execute arbitrary code when opened. Updated packages have been patched to prevent th...

9.3CVSS5.9AI score0.06748EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2007/11/06 12:0 a.m.24 views

Fedora 7 : flac-1.2.1-1.fc7 (2007-2596)

Wed Oct 17 2007 - Bastien Nocera - 1.2.1-1 - Update to 1.2.1 to fix CVE-2007-4619 332571 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible...

9.3CVSS5.3AI score0.06748EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2007/11/06 12:0 a.m.27 views

Fedora Core 6 : flac-1.1.2-28 (2007-730)

Wed Oct 17 2007 - Bastien Nocera - 1.1.2-28 - Add patch from Takashi Iwai to fix CVE-2007-4619 332581 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...

9.3CVSS5.3AI score0.06748EPSS
Exploits0References1
Rows per page
Query Builder