CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

CNVD•added 2018/05/16 12:0 a.m.•2 views

FLAC Memory Leak Vulnerability

FLAC Free Lossless Audio Codec is a free audio compression codec from the Xiph.Org Foundation that features lossless compression of audio files. A security vulnerability exists in the 'readmetadatavorbiscomment' function src/libFLAC/streamdecoder.c file in FLAC version 1.3.2. An attacker can...

5.5CVSS6.8AI score0.0029EPSS

Exploits0References1

OSV•added 2018/04/25 9:29 p.m.•1 views

ALPINE-CVE-2017-6888

An error in the "readmetadatavorbiscomment" function src/libFLAC/streamdecoder.c in FLAC version 1.3.2 can be exploited to cause a memory leak via a specially crafted FLAC file...

5.5CVSS6.8AI score0.0029EPSS

Exploits0References1

OSV•added 2018/04/25 9:29 p.m.•1 views

DEBIAN-CVE-2017-6888

An error in the "readmetadatavorbiscomment" function src/libFLAC/streamdecoder.c in FLAC version 1.3.2 can be exploited to cause a memory leak via a specially crafted FLAC file...

5.5CVSS4.9AI score0.0029EPSS

Exploits0References1

Prion•added 2018/04/25 9:29 p.m.•16 views

Design/Logic Flaw

An error in the "readmetadatavorbiscomment" function src/libFLAC/streamdecoder.c in FLAC version 1.3.2 can be exploited to cause a memory leak via a specially crafted FLAC file...

4.3CVSS5.3AI score0.0029EPSS

Exploits0References6Affected Software3

OSV•added 2018/04/25 9:29 p.m.•1 views

UBUNTU-CVE-2017-6888

An error in the "readmetadatavorbiscomment" function src/libFLAC/streamdecoder.c in FLAC version 1.3.2 can be exploited to cause a memory leak via a specially crafted FLAC file...

5.5CVSS5.9AI score0.0029EPSS

Exploits0References5

Packet Storm•added 2008/04/10 12:0 a.m.•26 views

alsaplayer-overflow.txt

I have released this exploit for the alsaplayer bug CVE-2007-5301. You can find all the needed files at http://www.wekk.net/research/CVE-2007-5301/ With my modified version of vorbiscomment, you can generate a ogg exploit like this: whats@debian:$ vorbiscomment.whats -w -t "TITLE=$perl -e 'print...

6.8CVSS6.4AI score0.4422EPSS

Exploits6

exploitpack•added 2007/12/28 12:0 a.m.•16 views

CoolPlayer 2.17 - CPLI_ReadTag_OGG() Buffer Overflow

CoolPlayer 2.17 - CPLIReadTagOGG Buffer Overflow source: https://www.securityfocus.com/bid/27061/info CoolPlayer is prone a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. The issue occurs when handling specially crafted OGG...

0.2AI score

Exploits0

Prion•added 2007/07/02 7:30 p.m.•14 views

Stack overflow

Stack-based buffer overflow in the localvcentryparsevalue function in vorbiscomment.c in flac123 aka flac-tools or flac before 0.0.10 allows user-assisted remote attackers to execute arbitrary code via a large comment valuelength...

9.3CVSS8.2AI score0.06919EPSS

Exploits0References10Affected Software1

CVE•added 2007/07/02 7:0 p.m.•43 views

CVE-2007-3507

CVE-2007-3507 affects flac123 (aka flac-tools) prior to 0.0.11, due to a stack-based buffer overflow in local__vcentry_parse_value() in vorbiscomment.c. This can allow a user-assisted remote attacker to execute arbitrary code via a crafted Vorbis commentValue_length. Public advisories (Fedora 200...

9.3CVSS7.7AI score0.06919EPSS

Exploits0References10Affected Software1

Cvelist•added 2007/07/02 7:0 p.m.•11 views

CVE-2007-3507

7.7AI score0.06919EPSS

Exploits0References10

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by