Debian Security Advisory DSA 1469-1 (flac)

Published: 2008-01-31 15:11:48
CVE Author: NIST National Vulnerability Database (NVD)

CVSS Base Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Recommendations:
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201469-1

Technical Details:
Sean de Regge and Greg Linares discovered multiple heap and stack based buffer overflows in FLAC, the Free Lossless Audio Codec, which could lead to the execution of arbitrary code. For the unstable distribution (sid), these problems have been fixed in version 1.2.1-1. For the stable distribution (etch), these problems have been fixed in version 1.1.2-8. For the old stable distribution (sarge), these problems have been fixed in version 1.1.1-5sarge1. We recommend that you upgrade your flac Linux Distribution Packages.

Summary:
The remote host is missing an update to flac announced via advisory DSA 1469-1.

Detection Type:
Linux Distribution Package

Solution Type:
Vendor Patch

NIST (National Institute of Standards and Technology) NVD (National Vulnerability Database)

https://nvd.nist.gov/vuln/detail/CVE-2007-4619
https://nvd.nist.gov/vuln/detail/CVE-2007-6277

Search
Severity
High
CVSS Score
9.3

You never have to pay for a vulnerability scanning and management software again.

Tired of paying a subscription 'per asset' or 'per IP'? Well you can officially cancel your current subscription. Mageni provides a free, open source and enterprise-ready vulnerability scanning and management platform which helps you to find, prioritize, remediate and manage your vulnerabilities. It is free and always will be.