Stack-based buffer overflow in the local__vcentry_parse_value function in vorbiscomment.c in flac123 (aka flac-tools or flac) prior to 0.0.10 allows user-assisted remote malicious users to execute arbitrary code via a large comment value_length.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
flac123 flac123 |