Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
flac libflac vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-9028
Heap-based buffer overflow in stream_decoder.c in libFLAC prior to 1.3.1 allows remote malicious users to execute arbitrary code via a crafted .flac file.
Flac Libflac
NA
CVE-2007-6277
Multiple buffer overflows in Free Lossless Audio Codec (FLAC) libFLAC prior to 1.2.1 allow user-assisted remote malicious users to execute arbitrary code via large (1) Metadata Block Size, (2) VORBIS Comment String Size, (3) Picture Metadata MIME-TYPE Size, (4) Picture Descriptio...
Flac Libflac
NA
CVE-2007-6278
Free Lossless Audio Codec (FLAC) libFLAC prior to 1.2.1 allows user-assisted remote malicious users to force a client to download arbitrary files via the MIME-Type URL flag (-->) for the FLAC image file in a crafted .FLAC file.
Flac Libflac
NA
CVE-2007-6279
Multiple double free vulnerabilities in Free Lossless Audio Codec (FLAC) libFLAC prior to 1.2.1 allow user-assisted remote malicious users to execute arbitrary code via malformed (1) Seektable values or (2) Seektable Data Offsets in a .FLAC file.
Flac Libflac
NA
CVE-2007-4619
Multiple integer overflows in Free Lossless Audio Codec (FLAC) libFLAC prior to 1.2.1, as used in Winamp prior to 5.5 and other products, allow user-assisted remote malicious users to execute arbitrary code via a malformed FLAC file that triggers improper memory allocation, resul...
Flac Libflac
Nullsoft Winamp
5.5
CVSSv3
CVE-2017-6888
An error in the "read_metadata_vorbiscomment_()" function (src/libFLAC/stream_decoder.c) in FLAC version 1.3.2 can be exploited to cause a memory leak via a specially crafted FLAC file.
Flac Project Flac
Debian Debian Linux 9.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started