ID CVE-2007-4619
Summary Multiple integer overflows in Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1, as used in Winamp before 5.5 and other products, allow user-assisted remote attackers to execute arbitrary code via a malformed FLAC file that triggers improper memory allocation, resulting in a heap-based buffer overflow.
References
Vulnerable Configurations
  • cpe:2.3:a:flac:libflac:*:*:*:*:*:*:*:*
    cpe:2.3:a:flac:libflac:*:*:*:*:*:*:*:*
  • cpe:2.3:a:nullsoft:winamp:0.20a:*:*:*:*:*:*:*
    cpe:2.3:a:nullsoft:winamp:0.20a:*:*:*:*:*:*:*
  • cpe:2.3:a:nullsoft:winamp:0.92:*:*:*:*:*:*:*
    cpe:2.3:a:nullsoft:winamp:0.92:*:*:*:*:*:*:*
  • cpe:2.3:a:nullsoft:winamp:1.006:*:*:*:*:*:*:*
    cpe:2.3:a:nullsoft:winamp:1.006:*:*:*:*:*:*:*
  • cpe:2.3:a:nullsoft:winamp:1.90:*:*:*:*:*:*:*
    cpe:2.3:a:nullsoft:winamp:1.90:*:*:*:*:*:*:*
  • cpe:2.3:a:nullsoft:winamp:2.0:*:*:*:*:*:*:*
    cpe:2.3:a:nullsoft:winamp:2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:nullsoft:winamp:2.6:*:*:*:*:*:*:*
    cpe:2.3:a:nullsoft:winamp:2.6:*:*:*:*:*:*:*
  • cpe:2.3:a:nullsoft:winamp:2.9:*:*:*:*:*:*:*
    cpe:2.3:a:nullsoft:winamp:2.9:*:*:*:*:*:*:*
  • cpe:2.3:a:nullsoft:winamp:2.10:*:*:*:*:*:*:*
    cpe:2.3:a:nullsoft:winamp:2.10:*:*:*:*:*:*:*
  • cpe:2.3:a:nullsoft:winamp:2.91:*:*:*:*:*:*:*
    cpe:2.3:a:nullsoft:winamp:2.91:*:*:*:*:*:*:*
  • cpe:2.3:a:nullsoft:winamp:2.92:*:*:*:*:*:*:*
    cpe:2.3:a:nullsoft:winamp:2.92:*:*:*:*:*:*:*
  • cpe:2.3:a:nullsoft:winamp:2.95:*:*:*:*:*:*:*
    cpe:2.3:a:nullsoft:winamp:2.95:*:*:*:*:*:*:*
  • cpe:2.3:a:nullsoft:winamp:5.0:*:*:*:*:*:*:*
    cpe:2.3:a:nullsoft:winamp:5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:nullsoft:winamp:5.01:*:*:*:*:*:*:*
    cpe:2.3:a:nullsoft:winamp:5.01:*:*:*:*:*:*:*
  • cpe:2.3:a:nullsoft:winamp:5.1:-:surround:*:*:*:*:*
    cpe:2.3:a:nullsoft:winamp:5.1:-:surround:*:*:*:*:*
  • cpe:2.3:a:nullsoft:winamp:5.02:*:*:*:*:*:*:*
    cpe:2.3:a:nullsoft:winamp:5.02:*:*:*:*:*:*:*
  • cpe:2.3:a:nullsoft:winamp:5.2:*:*:*:*:*:*:*
    cpe:2.3:a:nullsoft:winamp:5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:nullsoft:winamp:5.03:*:*:*:*:*:*:*
    cpe:2.3:a:nullsoft:winamp:5.03:*:*:*:*:*:*:*
  • cpe:2.3:a:nullsoft:winamp:5.3:*:*:*:*:*:*:*
    cpe:2.3:a:nullsoft:winamp:5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:nullsoft:winamp:5.04:*:*:*:*:*:*:*
    cpe:2.3:a:nullsoft:winamp:5.04:*:*:*:*:*:*:*
  • cpe:2.3:a:nullsoft:winamp:5.05:*:*:*:*:*:*:*
    cpe:2.3:a:nullsoft:winamp:5.05:*:*:*:*:*:*:*
  • cpe:2.3:a:nullsoft:winamp:5.5:*:*:*:*:*:*:*
    cpe:2.3:a:nullsoft:winamp:5.5:*:*:*:*:*:*:*
  • cpe:2.3:a:nullsoft:winamp:5.06:*:*:*:*:*:*:*
    cpe:2.3:a:nullsoft:winamp:5.06:*:*:*:*:*:*:*
  • cpe:2.3:a:nullsoft:winamp:5.07:*:*:*:*:*:*:*
    cpe:2.3:a:nullsoft:winamp:5.07:*:*:*:*:*:*:*
  • cpe:2.3:a:nullsoft:winamp:5.08c:*:*:*:*:*:*:*
    cpe:2.3:a:nullsoft:winamp:5.08c:*:*:*:*:*:*:*
  • cpe:2.3:a:nullsoft:winamp:5.08d:*:*:*:*:*:*:*
    cpe:2.3:a:nullsoft:winamp:5.08d:*:*:*:*:*:*:*
  • cpe:2.3:a:nullsoft:winamp:5.08e:*:*:*:*:*:*:*
    cpe:2.3:a:nullsoft:winamp:5.08e:*:*:*:*:*:*:*
  • cpe:2.3:a:nullsoft:winamp:5.09:*:*:*:*:*:*:*
    cpe:2.3:a:nullsoft:winamp:5.09:*:*:*:*:*:*:*
  • cpe:2.3:a:nullsoft:winamp:5.11:*:*:*:*:*:*:*
    cpe:2.3:a:nullsoft:winamp:5.11:*:*:*:*:*:*:*
  • cpe:2.3:a:nullsoft:winamp:5.12:*:*:*:*:*:*:*
    cpe:2.3:a:nullsoft:winamp:5.12:*:*:*:*:*:*:*
  • cpe:2.3:a:nullsoft:winamp:5.13:*:*:*:*:*:*:*
    cpe:2.3:a:nullsoft:winamp:5.13:*:*:*:*:*:*:*
  • cpe:2.3:a:nullsoft:winamp:5.21:*:*:*:*:*:*:*
    cpe:2.3:a:nullsoft:winamp:5.21:*:*:*:*:*:*:*
  • cpe:2.3:a:nullsoft:winamp:5.22:*:*:*:*:*:*:*
    cpe:2.3:a:nullsoft:winamp:5.22:*:*:*:*:*:*:*
  • cpe:2.3:a:nullsoft:winamp:5.23:*:*:*:*:*:*:*
    cpe:2.3:a:nullsoft:winamp:5.23:*:*:*:*:*:*:*
  • cpe:2.3:a:nullsoft:winamp:5.24:*:*:*:*:*:*:*
    cpe:2.3:a:nullsoft:winamp:5.24:*:*:*:*:*:*:*
  • cpe:2.3:a:nullsoft:winamp:5.31:*:*:*:*:*:*:*
    cpe:2.3:a:nullsoft:winamp:5.31:*:*:*:*:*:*:*
  • cpe:2.3:a:nullsoft:winamp:5.32:*:*:*:*:*:*:*
    cpe:2.3:a:nullsoft:winamp:5.32:*:*:*:*:*:*:*
  • cpe:2.3:a:nullsoft:winamp:5.33:*:*:*:*:*:*:*
    cpe:2.3:a:nullsoft:winamp:5.33:*:*:*:*:*:*:*
  • cpe:2.3:a:nullsoft:winamp:5.34:*:*:*:*:*:*:*
    cpe:2.3:a:nullsoft:winamp:5.34:*:*:*:*:*:*:*
  • cpe:2.3:a:nullsoft:winamp:5.35:*:*:*:*:*:*:*
    cpe:2.3:a:nullsoft:winamp:5.35:*:*:*:*:*:*:*
CVSS
Base: 9.3 (as of 29-09-2017 - 01:29)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:M/Au:N/C:C/I:C/A:C
oval via4
accepted 2013-04-29T04:06:46.941-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
  • comment The operating system installed on the system is Red Hat Enterprise Linux 5
    oval oval:org.mitre.oval:def:11414
  • comment The operating system installed on the system is CentOS Linux 5.x
    oval oval:org.mitre.oval:def:15802
  • comment Oracle Linux 5.x
    oval oval:org.mitre.oval:def:15459
description Multiple integer overflows in Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1, as used in Winamp before 5.5 and other products, allow user-assisted remote attackers to execute arbitrary code via a malformed FLAC file that triggers improper memory allocation, resulting in a heap-based buffer overflow.
family unix
id oval:org.mitre.oval:def:10571
status accepted
submitted 2010-07-09T03:56:16-04:00
title Multiple integer overflows in Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1, as used in Winamp before 5.5 and other products, allow user-assisted remote attackers to execute arbitrary code via a malformed FLAC file that triggers improper memory allocation, resulting in a heap-based buffer overflow.
version 30
redhat via4
advisories
rhsa
id RHSA-2007:0975
rpms
  • flac-0:1.1.0-7.el4_5.2
  • flac-0:1.1.2-28.el5_0.1
  • flac-debuginfo-0:1.1.0-7.el4_5.2
  • flac-debuginfo-0:1.1.2-28.el5_0.1
  • flac-devel-0:1.1.0-7.el4_5.2
  • flac-devel-0:1.1.2-28.el5_0.1
  • xmms-flac-0:1.1.0-7.el4_5.2
refmap via4
bid 26042
confirm
debian DSA-1469
fedora FEDORA-2007-2596
gentoo GLSA-200711-15
idefense 20071011 Multiple Vendor FLAC Library Multiple Integer Overflow Vulnerabilities
mandriva MDKSA-2007:214
sectrack 1018815
secunia
  • 27210
  • 27223
  • 27355
  • 27399
  • 27507
  • 27601
  • 27625
  • 27628
  • 27780
  • 27878
  • 28548
suse SUSE-SR:2007:022
ubuntu USN-540-1
vupen
  • ADV-2007-3483
  • ADV-2007-3484
  • ADV-2007-4061
xf flac-media-files-bo(37187)
Last major update 29-09-2017 - 01:29
Published 12-10-2007 - 21:17
Last modified 29-09-2017 - 01:29
Back to Top