ID CVE-2007-4619
Summary Multiple integer overflows in Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1, as used in Winamp before 5.5 and other products, allow user-assisted remote attackers to execute arbitrary code via a malformed FLAC file that triggers improper memory allocation, resulting in a heap-based buffer overflow.
References
Vulnerable Configurations
  • cpe:2.3:a:flac:libflac:1.2
    cpe:2.3:a:flac:libflac:1.2
  • Nullsoft Winamp 5.35
    cpe:2.3:a:nullsoft:winamp:5.35
CVSS
Base: 9.3 (as of 15-10-2007 - 10:00)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
Vector NETWORK
Complexity MEDIUM
Authentication NONE
Impact
Confidentiality COMPLETE
Integrity COMPLETE
Availability COMPLETE
nessus via4
  • NASL family SuSE Local Security Checks
    NASL id SUSE_FLAC-4571.NASL
    description Multiple integer overflows in flac could potentially be exploited by attackers via specially crafted files to execute code in the context of the user opening the file (CVE-2007-4619).
    last seen 2019-02-21
    modified 2014-06-13
    plugin id 27530
    published 2007-10-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27530
    title openSUSE 10 Security Update : flac (flac-4571)
  • NASL family SuSE Local Security Checks
    NASL id SUSE9_11926.NASL
    description Multiple integer overflows in flac could potentially be exploited by attackers via specially crafted files to execute code in the context of the user opening the file. (CVE-2007-4619)
    last seen 2019-02-21
    modified 2012-04-23
    plugin id 41157
    published 2009-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=41157
    title SuSE9 Security Update : flac (YOU Patch Number 11926)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-540-1.NASL
    description Sean de Regge discovered that flac did not properly perform bounds checking in many situations. An attacker could send a specially crafted FLAC audio file and execute arbitrary code as the user or cause a denial of service in flac or applications that link against flac. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 28208
    published 2007-11-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=28208
    title Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : flac vulnerability (USN-540-1)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2007-0975.NASL
    description An updated flac package to correct a security issue is now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. FLAC is a Free Lossless Audio Codec. The flac package consists of a FLAC encoder and decoder in library form, a program to encode and decode FLAC files, a metadata editor for FLAC files and input plugins for various music players. A security flaw was found in the way flac processed audio data. An attacker could create a carefully crafted FLAC audio file in such a way that it could cause an application linked with flac libraries to crash or execute arbitrary code when it was opened. (CVE-2007-4619) Users of flac are advised to upgrade to this updated package, which contains a backported patch that resolves this issue.
    last seen 2019-02-21
    modified 2018-11-16
    plugin id 27567
    published 2007-10-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27567
    title RHEL 4 / 5 : flac (RHSA-2007:0975)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_FLAC-4569.NASL
    description Multiple integer overflows in flac could potentially be exploited by attackers via specially crafted files to execute code in the context of the user opening the file. (CVE-2007-4619)
    last seen 2019-02-21
    modified 2012-05-17
    plugin id 29431
    published 2007-12-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29431
    title SuSE 10 Security Update : flac (ZYPP Patch Number 4569)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20071022_FLAC_ON_SL5_X.NASL
    description A security flaw was found in the way flac processed audio data. An attacker could create a carefully crafted FLAC audio file in such a way that it could cause an application linked with flac libraries to crash or execute arbitrary code when it was opened. (CVE-2007-4619) This update actually went out yesterday. We apologize for getting this e-mail out late.
    last seen 2019-02-21
    modified 2019-01-07
    plugin id 60271
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60271
    title Scientific Linux Security Update : flac on SL5.x, SL4.x i386/x86_64
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1469.NASL
    description Sean de Regge and Greg Linares discovered multiple heap and stack based buffer overflows in FLAC, the Free Lossless Audio Codec, which could lead to the execution of arbitrary code.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 30061
    published 2008-01-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=30061
    title Debian DSA-1469-1 : flac - several vulnerabilities
  • NASL family Windows
    NASL id WINAMP_55.NASL
    description The remote host is using Winamp, a popular media player for Windows. The version of Winamp installed on the remote Windows host contains a plug-in to handle playing FLAC files that contains several integer buffer overflow vulnerabilities. If an attacker can trick a user on the affected host into opening a specially crafted FLAC file, he may be able to leverage this issue to execute arbitrary code on the host subject to the user's privileges.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 27040
    published 2007-10-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27040
    title Winamp < 5.5 FLAC Plug-in Multiple Buffer Overflows
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2007-2596.NASL
    description - Wed Oct 17 2007 - Bastien Nocera - 1.2.1-1 - Update to 1.2.1 to fix CVE-2007-4619 (#332571) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-21
    plugin id 27779
    published 2007-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27779
    title Fedora 7 : flac-1.2.1-1.fc7 (2007-2596)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2007-214.NASL
    description A security vulnerability was discovered in how flac processed audio data. An attacker could create a carefully crafted FLAC audio file that could cause an application linked against the flac libraries to crash or execute arbitrary code when opened. Updated packages have been patched to prevent this issue.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 27850
    published 2007-11-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27850
    title Mandrake Linux Security Advisory : flac (MDKSA-2007:214)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_FF65EECB91E411DCBD6C0016179B2DD5.NASL
    description iDefense Labs reports : Remote exploitation of multiple integer overflow vulnerabilities in libFLAC, as included with various vendors' software distributions, allows attackers to execute arbitrary code in the context of the currently logged in user. These vulnerabilities specifically exist in the handling of malformed FLAC media files. In each case, an integer overflow can occur while calculating the amount of memory to allocate. As such, insufficient memory is allocated for the data that is subsequently read in from the file, and a heap based buffer overflow occurs.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 28196
    published 2007-11-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=28196
    title FreeBSD : flac -- media file processing integer overflow vulnerabilities (ff65eecb-91e4-11dc-bd6c-0016179b2dd5)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200711-15.NASL
    description The remote host is affected by the vulnerability described in GLSA-200711-15 (FLAC: Buffer overflow) Sean de Regge reported multiple integer overflows when processing FLAC media files that could lead to improper memory allocations resulting in heap-based buffer overflows. Impact : A remote attacker could entice a user to open a specially crafted FLAC file or network stream with an application using FLAC. This might lead to the execution of arbitrary code with privileges of the user playing the file. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-08-10
    plugin id 28198
    published 2007-11-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=28198
    title GLSA-200711-15 : FLAC: Buffer overflow
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2007-0975.NASL
    description An updated flac package to correct a security issue is now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. FLAC is a Free Lossless Audio Codec. The flac package consists of a FLAC encoder and decoder in library form, a program to encode and decode FLAC files, a metadata editor for FLAC files and input plugins for various music players. A security flaw was found in the way flac processed audio data. An attacker could create a carefully crafted FLAC audio file in such a way that it could cause an application linked with flac libraries to crash or execute arbitrary code when it was opened. (CVE-2007-4619) Users of flac are advised to upgrade to this updated package, which contains a backported patch that resolves this issue.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 27539
    published 2007-10-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27539
    title CentOS 4 / 5 : flac (CESA-2007:0975)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2007-0975.NASL
    description From Red Hat Security Advisory 2007:0975 : An updated flac package to correct a security issue is now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. FLAC is a Free Lossless Audio Codec. The flac package consists of a FLAC encoder and decoder in library form, a program to encode and decode FLAC files, a metadata editor for FLAC files and input plugins for various music players. A security flaw was found in the way flac processed audio data. An attacker could create a carefully crafted FLAC audio file in such a way that it could cause an application linked with flac libraries to crash or execute arbitrary code when it was opened. (CVE-2007-4619) Users of flac are advised to upgrade to this updated package, which contains a backported patch that resolves this issue.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 67590
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67590
    title Oracle Linux 4 / 5 : flac (ELSA-2007-0975)
oval via4
accepted 2013-04-29T04:06:46.941-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
  • comment The operating system installed on the system is Red Hat Enterprise Linux 5
    oval oval:org.mitre.oval:def:11414
  • comment The operating system installed on the system is CentOS Linux 5.x
    oval oval:org.mitre.oval:def:15802
  • comment Oracle Linux 5.x
    oval oval:org.mitre.oval:def:15459
description Multiple integer overflows in Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1, as used in Winamp before 5.5 and other products, allow user-assisted remote attackers to execute arbitrary code via a malformed FLAC file that triggers improper memory allocation, resulting in a heap-based buffer overflow.
family unix
id oval:org.mitre.oval:def:10571
status accepted
submitted 2010-07-09T03:56:16-04:00
title Multiple integer overflows in Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1, as used in Winamp before 5.5 and other products, allow user-assisted remote attackers to execute arbitrary code via a malformed FLAC file that triggers improper memory allocation, resulting in a heap-based buffer overflow.
version 24
redhat via4
advisories
rhsa
id RHSA-2007:0975
rpms
  • flac-0:1.1.0-7.el4_5.2
  • flac-devel-0:1.1.0-7.el4_5.2
  • xmms-flac-0:1.1.0-7.el4_5.2
  • flac-0:1.1.2-28.el5_0.1
  • flac-devel-0:1.1.2-28.el5_0.1
refmap via4
bid 26042
confirm
debian DSA-1469
fedora FEDORA-2007-2596
gentoo GLSA-200711-15
idefense 20071011 Multiple Vendor FLAC Library Multiple Integer Overflow Vulnerabilities
mandriva MDKSA-2007:214
sectrack 1018815
secunia
  • 27210
  • 27223
  • 27355
  • 27399
  • 27507
  • 27601
  • 27625
  • 27628
  • 27780
  • 27878
  • 28548
suse SUSE-SR:2007:022
ubuntu USN-540-1
vupen
  • ADV-2007-3483
  • ADV-2007-3484
  • ADV-2007-4061
xf flac-media-files-bo(37187)
Last major update 07-03-2011 - 21:58
Published 12-10-2007 - 17:17
Last modified 28-09-2017 - 21:29