PublicDate: 2007-12-07 11:46:00 UTC
Candidate: CVE-2007-6277
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6277
Description:
 Multiple buffer overflows in Free Lossless Audio Codec (FLAC) libFLAC
 before 1.2.1 allow user-assisted remote attackers to execute arbitrary code
 via large (1) Metadata Block Size, (2) VORBIS Comment String Size, (3)
 Picture Metadata MIME-TYPE Size, (4) Picture Description Size, (5) Picture
 Data Length, (6) Padding Length, and (7) PICTURE Metadata width and height
 values in a .FLAC file, which result in a heap-based overflow; and large
 (8) VORBIS Comment String Size Length, (9) Picture MIME-Type, (10) Picture
 MIME-Type URL, and (11) Picture Description Length values in a .FLAC file,
 which result in a stack-based overflow.  NOTE: some of these issues may
 overlap CVE-2007-4619.
Ubuntu-Description:
Notes:
 jdstrand> debian DSA is identical except they left out a couple of safe_
   calls.  This was fixed in Ubuntu's fix for CVE-2007-4619
 jdstrand> note that CVE-2007-4619 was very general and came out before the
   iDefense CVEs, so there is overlap
Bugs:
 https://bugs.launchpad.net/bugs/185026
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 
Patches_flac:
 vendor: http://www.debian.org/security/2008/dsa-1469
upstream_flac: released (1.2.1)
dapper_flac: released (1.1.2-3ubuntu1.1)
edgy_flac: released (1.1.2-5ubuntu1.1)
feisty_flac: released (1.1.2-5ubuntu2.1)
gutsy_flac: released (1.1.4-3ubuntu1.1)
devel_flac: not-affected (1.2.1-1)