CVE-2007-6277 - OpenCVE

Vendors	Products
Flac	Libflac

Link	Resource
http://research.eeye.com/html/advisories/published/AD20071115.html
http://secunia.com/advisories/28548
http://securityreason.com/securityalert/3423
http://www.debian.org/security/2008/dsa-1469
http://www.kb.cert.org/vuls/id/544656	Patch US Government Resource
http://www.securityfocus.com/archive/1/483765/100/200/threaded
http://www.securitytracker.com/id?1018974	Patch
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10435

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-11-15T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple buffer overflows in Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via large (1) Metadata Block Size, (2) VORBIS Comment String Size, (3) Picture Metadata MIME-TYPE Size, (4) Picture Description Size, (5) Picture Data Length, (6) Padding Length, and (7) PICTURE Metadata width and height values in a .FLAC file, which result in a heap-based overflow; and large (8) VORBIS Comment String Size Length, (9) Picture MIME-Type, (10) Picture MIME-Type URL, and (11) Picture Description Length values in a .FLAC file, which result in a stack-based overflow. NOTE: some of these issues may overlap CVE-2007-4619."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-15T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "DSA-1469", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2008/dsa-1469"}, {"name": "AD20071115", "tags": ["third-party-advisory", "x_refsource_EEYE"], "url": "http://research.eeye.com/html/advisories/published/AD20071115.html"}, {"name": "1018974", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1018974"}, {"name": "3423", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/3423"}, {"name": "28548", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28548"}, {"name": "VU#544656", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/544656"}, {"name": "oval:org.mitre.oval:def:10435", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10435"}, {"name": "20071115 EEYE: Multiple Vulnerabilities In .FLAC File Format and Various Media Applications", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/483765/100/200/threaded"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-6277", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple buffer overflows in Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via large (1) Metadata Block Size, (2) VORBIS Comment String Size, (3) Picture Metadata MIME-TYPE Size, (4) Picture Description Size, (5) Picture Data Length, (6) Padding Length, and (7) PICTURE Metadata width and height values in a .FLAC file, which result in a heap-based overflow; and large (8) VORBIS Comment String Size Length, (9) Picture MIME-Type, (10) Picture MIME-Type URL, and (11) Picture Description Length values in a .FLAC file, which result in a stack-based overflow. NOTE: some of these issues may overlap CVE-2007-4619."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "DSA-1469", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1469"}, {"name": "AD20071115", "refsource": "EEYE", "url": "http://research.eeye.com/html/advisories/published/AD20071115.html"}, {"name": "1018974", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1018974"}, {"name": "3423", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/3423"}, {"name": "28548", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28548"}, {"name": "VU#544656", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/544656"}, {"name": "oval:org.mitre.oval:def:10435", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10435"}, {"name": "20071115 EEYE: Multiple Vulnerabilities In .FLAC File Format and Various Media Applications", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/483765/100/200/threaded"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-6277", "datePublished": "2007-12-07T11:00:00", "dateReserved": "2007-12-07T00:00:00", "dateUpdated": "2018-10-15T20:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:flac:libflac:*:*:*:*:*:*:*:*", "matchCriteriaId": "7D389BAA-4D7C-4126-8D3D-9C8286BDBB45", "versionEndIncluding": "1.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Multiple buffer overflows in Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via large (1) Metadata Block Size, (2) VORBIS Comment String Size, (3) Picture Metadata MIME-TYPE Size, (4) Picture Description Size, (5) Picture Data Length, (6) Padding Length, and (7) PICTURE Metadata width and height values in a .FLAC file, which result in a heap-based overflow; and large (8) VORBIS Comment String Size Length, (9) Picture MIME-Type, (10) Picture MIME-Type URL, and (11) Picture Description Length values in a .FLAC file, which result in a stack-based overflow. NOTE: some of these issues may overlap CVE-2007-4619."}, {"lang": "es", "value": "M\u00faltiples desbordamientos de buffer en Free Lossless Audio Codec (FLAC), en versiones anteriores a la 1.2.1. Permite que atacantes remotos,con intervenci\u00f3n del usuario, ejecuten c\u00f3digo de su elecci\u00f3n usando tama\u00f1os grandes de los valores de longitud y altura de (1) Metadata Block Size (2) VORBIS Comment String Size, (3) Picture Metadata MIME-TYPE Size, (4) Picture Description Size, (5) Picture Data Length, (6) Padding Length, y (7) PICTURE Metadata, especificados en un fichero .FLAC, que tiene como resultado un desbordamiento basado en la pila de memoria din\u00e1mica (heap); los valores grandes de (8) VORBIS Comment String Size Length, (9) Picture MIME-Type, (10) Picture MIME-Type URL, y (11) Picture Description Length, tambi\u00e9n especificados en un fichero .FLAC, provocan un desbordamiento basado en la pila (stack).\r\nNOTA: alguna de estos problemas podr\u00eda coincidir con el CVE-2007-4619."}], "id": "CVE-2007-6277", "lastModified": "2018-10-15T21:51:27.327", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2007-12-07T11:46:00.000", "references": [{"source": "cve@mitre.org", "url": "http://research.eeye.com/html/advisories/published/AD20071115.html"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/28548"}, {"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/3423"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2008/dsa-1469"}, {"source": "cve@mitre.org", "tags": ["Patch", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/544656"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/483765/100/200/threaded"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.securitytracker.com/id?1018974"}, {"source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10435"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

JSON object

JSON object

JSON object