CVE-2007-6277 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Flac

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer6 documents6 sources

Severity

9.3CRITICALNVD

EPSS

18.1%

top 4.81%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Flac Project Flac Debian Flac Flac Libflac

Timeline

PublishedDec 7

Latest updateMay 1

Description

Multiple buffer overflows in Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via large (1) Metadata Block Size, (2) VORBIS Comment String Size, (3) Picture Metadata MIME-TYPE Size, (4) Picture Description Size, (5) Picture Data Length, (6) Padding Length, and (7) PICTURE Metadata width and height values in a .FLAC file, which result in a heap-based overflow; and large (8) VORBIS Comment String Size Length, (9) Picture MIME-Type…

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages3 packages

▶NVDflac/libflac1.2

▶debiandebian/flac< flac 1.2.1-1 (bookworm)

▶Debianflac_project/flac< 1.2.1-1+3

Patches

Patch: www.kb.cert.org ↗Patch: www.securitytracker.com ↗Patch: www.kb.cert.org ↗

🔴Vulnerability Details

GHSA

GHSA-5955-gqmh-73gj: Multiple buffer overflows in Free Lossless Audio Codec (FLAC) libFLAC before 1↗2022-05-01

▶

OSV

CVE-2007-6277: Multiple buffer overflows in Free Lossless Audio Codec (FLAC) libFLAC before 1↗2007-12-07

▶

📋Vendor Advisories

Red Hat

libflac: Multiple security issues fixed in 1.2.1↗2007-11-15

▶

Debian

CVE-2007-6277: flac - Multiple buffer overflows in Free Lossless Audio Codec (FLAC) libFLAC before 1.2...↗2007

▶

💬Community

Bugzilla

CVE-2007-6277 libflac: Multiple security issues fixed in 1.2.1↗2007-12-07

▶