CVE-2007-4619

Priority
Description
Multiple integer overflows in Free Lossless Audio Codec (FLAC) libFLAC
before 1.2.1, as used in Winamp before 5.5 and other products, allow
user-assisted remote attackers to execute arbitrary code via a malformed
FLAC file that triggers improper memory allocation, resulting in a
heap-based buffer overflow.
Notes
 jdstrand> fixed in RedHat flac-1.1.2-28.el5_0.1.src.rpm
 jdstrand> preliminary analysis shows that xine-lib is probably not affected
  (only 1 call to realloc and 4 calls to xine_xmalloc). The code is quite
  different, so need to dive in more.
 jdstrand> requested reproducer on vendor-sec (they said no, but there is a
  good test suite)
 jdstrand> Debian 1.2.1-1 in unstable is not affected
Assigned-to
jdstrand
Package
Source: flac (LP Ubuntu Debian)
Upstream:released (1.2.1)
Package
Upstream:needs-triage
More Information

Updated: 2019-03-19 11:43:32 UTC (commit 15472795df7e9de45b82f2d36b8b419b939f97b2)