CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
97.5%
Multiple buffer overflows in Free Lossless Audio Codec (FLAC) libFLAC
before 1.2.1 allow user-assisted remote attackers to execute arbitrary code
via large (1) Metadata Block Size, (2) VORBIS Comment String Size, (3)
Picture Metadata MIME-TYPE Size, (4) Picture Description Size, (5) Picture
Data Length, (6) Padding Length, and (7) PICTURE Metadata width and height
values in a .FLAC file, which result in a heap-based overflow; and large
(8) VORBIS Comment String Size Length, (9) Picture MIME-Type, (10) Picture
MIME-Type URL, and (11) Picture Description Length values in a .FLAC file,
which result in a stack-based overflow. NOTE: some of these issues may
overlap CVE-2007-4619.
Author | Note |
---|---|
jdstrand | debian DSA is identical except they left out a couple of safe_ calls. This was fixed in Ubuntu’s fix for CVE-2007-4619 note that CVE-2007-4619 was very general and came out before the iDefense CVEs, so there is overlap |