71 matches found
CVE-2014-8962
CVE-2014-8962 is a stack-based buffer overflow in libFLAC’s stream_decoder.c (affected pre-1.3.1) that allows remote code execution via a crafted .flac file. Related CVE-2014-9028 is a heap-based overflow in the same component. The public details reference versions up to 1.3.1 and show patches/up...
CVE-2014-9028
Heap-based buffer overflow in streamdecoder.c in libFLAC before 1.3.1 allows remote attackers to execute arbitrary code via a crafted .flac file...
CVE-2014-8962
Stack-based buffer overflow in streamdecoder.c in libFLAC before 1.3.1 allows remote attackers to execute arbitrary code via a crafted .flac file...
flac: arbitrary code execution
A stack overflow and a heap overflow condition have been found in libFLAC when parsing a maliciously crafted .flac file, which may result in arbitrary code execution...
CVE-2014-9028
Heap-based buffer overflow in streamdecoder.c in libFLAC before 1.3.1 allows remote attackers to execute arbitrary code via a crafted .flac file...
UBUNTU-CVE-2014-8962
Stack-based buffer overflow in streamdecoder.c in libFLAC before 1.3.1 allows remote attackers to execute arbitrary code via a crafted .flac file...
CVE-2007-6278
Free Lossless Audio Codec FLAC libFLAC before 1.2.1 allows user-assisted remote attackers to force a client to download arbitrary files via the MIME-Type URL flag -- for the FLAC image file in a crafted .FLAC file...
Heap overflow
Multiple buffer overflows in Free Lossless Audio Codec FLAC libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via large 1 Metadata Block Size, 2 VORBIS Comment String Size, 3 Picture Metadata MIME-TYPE Size, 4 Picture Description Size, 5 Picture Data Length, 6...
Design/Logic Flaw
Free Lossless Audio Codec FLAC libFLAC before 1.2.1 allows user-assisted remote attackers to force a client to download arbitrary files via the MIME-Type URL flag -- for the FLAC image file in a crafted .FLAC file...
CVE-2007-6279
Multiple double free vulnerabilities in Free Lossless Audio Codec FLAC libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via malformed 1 Seektable values or 2 Seektable Data Offsets in a .FLAC file...
Double free
Multiple double free vulnerabilities in Free Lossless Audio Codec FLAC libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via malformed 1 Seektable values or 2 Seektable Data Offsets in a .FLAC file...
CVE-2007-6279
Multiple double free vulnerabilities in Free Lossless Audio Codec FLAC libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via malformed 1 Seektable values or 2 Seektable Data Offsets in a .FLAC file...
CVE-2007-6278
Free Lossless Audio Codec FLAC libFLAC before 1.2.1 allows user-assisted remote attackers to force a client to download arbitrary files via the MIME-Type URL flag -- for the FLAC image file in a crafted .FLAC file...
DEBIAN-CVE-2007-6279
Multiple double free vulnerabilities in Free Lossless Audio Codec FLAC libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via malformed 1 Seektable values or 2 Seektable Data Offsets in a .FLAC file...
CVE-2007-6279
Multiple double free vulnerabilities in Free Lossless Audio Codec FLAC libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via malformed 1 Seektable values or 2 Seektable Data Offsets in a .FLAC file...
CVE-2007-6279
The vulnerability is in the Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1, where multiple double-free flaws affect parsing .FLAC files. Specifically, malformed Seektable values or Seektable Data Offsets can allow user‑assisted remote attackers to execute arbitrary code. Practical impact i...
CVE-2007-6278
CVE-2007-6278 affects the FLAC library (libFLAC) prior to 1.2.1. A crafted .FLAC file can trigger the MIME-Type URL flag in the FLAC image block, allowing a user-assisted remote attacker to cause the client to download arbitrary files. The vulnerability stems from (unexplicit) handling of the ima...
CVE-2007-6278
Free Lossless Audio Codec FLAC libFLAC before 1.2.1 allows user-assisted remote attackers to force a client to download arbitrary files via the MIME-Type URL flag -- for the FLAC image file in a crafted .FLAC file...
CVE-2007-6277
Multiple buffer overflows in Free Lossless Audio Codec FLAC libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via large 1 Metadata Block Size, 2 VORBIS Comment String Size, 3 Picture Metadata MIME-TYPE Size, 4 Picture Description Size, 5 Picture Data Length, 6...
CVE-2007-6278
Free Lossless Audio Codec FLAC libFLAC before 1.2.1 allows user-assisted remote attackers to force a client to download arbitrary files via the MIME-Type URL flag -- for the FLAC image file in a crafted .FLAC file...