Stack-based buffer overflow in stream_decoder.c in libFLAC prior to 1.3.1 allows remote malicious users to execute arbitrary code via a crafted .flac file.
Michele Spagnuolo, of Google Security Team, and Miroslav Lichvar, of
Red Hat, discovered two issues in flac, a library handling Free
Lossless Audio Codec media: by providing a specially crafted FLAC
file, an attacker could execute arbitrary code.
For the stable distribution (wheezy), these problems have been fixed in
version 121-6+deb7u1.
For the ...
A buffer overflow flaw was found in the way flac decoded FLAC audio files. An attacker could create a specially crafted FLAC audio file that could cause an application using the flac library to crash or execute arbitrary code when the file was read (CVE-2014-9028).
A buffer over-read flaw was found in the way flac processed certain ID3v2 metadata. An attacker could create a specially crafted FLAC audio file that could cause an application using the flac library to crash when the file was read ...