71 matches found
MiracleLinux 4 : flac-1.2.1-7.AXS4 (AXSA:2015-100:01)
The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2015-100:01 advisory. Description: The flac packages contain a decoder and an encoder for the FLAC Free Lossless Audio Codec audio file format. Security issues fixed with...
EUVD-2007-6246
Malware in sbrugna...
EUVD-2016-3511
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2016-2429
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libFLAC/streamdecoder.c in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not prevent free...
RHEL 5 : flac (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - flac: Heap buffer write overflow in readresidualpartitionedrice CVE-2014-9028 - Stack-based buffer overfl...
K17301056: libFLAC vulnerabilities CVE-2014-8962 and CVE-2014-9028
Security Advisory Description CVE-2014-8962 Stack-based buffer overflow in streamdecoder.c in libFLAC before 1.3.1 allows remote attackers to execute arbitrary code via a crafted .flac file. CVE-2014-9028 Heap-based buffer overflow in streamdecoder.c in libFLAC before 1.3.1 allows remote attacker...
SUSE CVE-2014-9028
Heap-based buffer overflow in streamdecoder.c in libFLAC before 1.3.1 allows remote attackers to execute arbitrary code via a crafted .flac file...
flac: out of bound write in append_to_verify_fifo_interleaved_ of stream_encoder.c
An out-of-bounds write vulnerability was found in libFlak. The vulnerability occurs due to a missing bounds check. This flaw allows a local attacker without additional execution privileges to cause local information disclosure...
Ubuntu: Security Advisory (USN-2426-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2014-0499)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2017-6888
An error in the "readmetadatavorbiscomment" function src/libFLAC/streamdecoder.c in FLAC version 1.3.2 can be exploited to cause a memory leak via a specially crafted FLAC file...
Updated libextractor packages fix security vulnerabilities
In 'EXTRACTORwavextractmethod' function of wavextractor.c, the program does not check the value of samplerate, with a crafted file, the samplerate can be set to zero, resulting in a divide by zero and a crash CVE-2017-15266. NULL Pointer Dereference vulnerability in libextract when getting flac...
VideoLAN VLC Denial of Service Vulnerability (CNVD-2017-10161)
VideoLAN VLC media player is a free, open source cross-platform multimedia player also a multimedia framework developed by the French organization VideoLAN. The product supports playback of a variety of media files, CD-ROMs, etc., a variety of audio and video formats WMV, MP3, etc. and so on. A...
Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the libflac-dev package of the Debian GNU/Linux operating system may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the libflac++-dev package of the Debian GNU/Linux operating system may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the libflac++5 package of the Debian GNU/Linux operating system may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the libflac-doc package of the Debian GNU/Linux operating system may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the libflac++4 package of the Debian GNU/Linux operating system may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
The vulnerability of the Android operating system allows a hacker to trigger a service failure or execute arbitrary code.
The vulnerability of the libFLAC/streamdecoder.c function in the Android operating system’s mediaserver component is due to buffer overflow. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure memory corruption by using a specially crafted...
CVE-2016-2429
libFLAC/streamdecoder.c in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not prevent free operations on uninitialized memory, which allows remote attackers to execute arbitrary code or cause a denial of service heap memory corrupti...