ISS X-Force Database: flac-media-multiple-overflow(37187): libFLAC media files multiple integer overflows

libFLAC media files multiple integer overflows

flac-media-multiple-overflow (37187)

High Risk

Description:

The libFLAC library, which is used to process FLAC (Free Lossless Audio Codec) files and is included in various software distributions, is vulnerable to integer overflows. By persuading a victim to open a specially-crafted FLAC file, a remote attacker could exploit these vulnerabilities to execute arbitrary code on the system or cause the affected application to crash.

Platforms Affected:

Canonical, Ubuntu 6.06 LTS
Canonical, Ubuntu 6.10
Canonical, Ubuntu 7.04
Canonical, Ubuntu 7.10
Debian, Debian Linux 3.1
Debian, Debian Linux 4.0
Gentoo, Linux
Josh Coalson, libFLAC 1.2.0 and prior
Mandriva, Corporate Server 3.0
Mandriva, Corporate Server 3.0 X86_64
Mandriva, Linux 2007
Mandriva, Linux 2007 X86_64
Mandriva, Linux 2007.1
Mandriva, Linux 2007.1 X86_64
Mandriva, Linux 2008.0 X86_64
Mandriva, Linux 2008.0
RedHat, Enterprise Linux 4 ES
RedHat, Enterprise Linux 4 WS
RedHat, Enterprise Linux 4 Desktop
RedHat, Enterprise Linux 4 AS
RedHat, Enterprise Linux 5 Client Workstation
RedHat, Enterprise Linux 5 Client
RedHat, Enterprise Linux 5
SuSE, SuSE Linux
VideoLAN, VLC prior to 0.8.6d

Remedy:

Upgrade to the latest version of libFLAC (1.2.1 or later), available from the FLAC Web site. See References.

For VLC Media Player:
Upgrade to the latest version of VLC Media Player (0.8.6d or later), available from the VideoLAN Web site. See References.

For other distributions:
Apply the appropriate update for your system. See References.

Consequences:

Gain Access

References:

Core Security Web site, Core Security Technologies at http://www.coresecurity.com/.
FLAC Web site, FLAC - Free Lossless Audio Codec at http://flac.sourceforge.net/index.html.
iDefense PUBLIC ADVISORY: 10.11.07, Multiple Vendor FLAC Library Multiple Integer Overflow Vulnerabilities at http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=608.
ASA-2007-458: FLAC security update (RHSA-2007-0975)
BID-26042: FLAC libFLAC Multiple Unspecified Integer Overflow Vulnerabilities
CVE-2007-4619: Multiple integer overflows in Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1, as used in Winamp before 5.5 and other products, allow user-assisted remote attackers to execute arbitrary code via a malformed FLAC file that triggers improper memory allocation, resulting in a heap-based buffer overflow.
DSA-1469: flac -- several vulnerabilities
FrSIRT/ADV-2007-3483: FLAC Media File Processing Multiple Integer Overflow Vulnerabilities
FrSIRT/ADV-2007-3484: Winamp FLAC Media File Processing Multiple Integer Overflow Vulnerabilities
FrSIRT/ADV-2007-4061: VideoLAN VLC Media Player ActiveX Plugin and FLAC Code Execution
GLSA-200711-15: FLAC: Buffer overflow
MDKSA-2007:214: Updated flac packages fix vulnerability
RHSA-2007-0975: Important: flac security update
SA27210: FLAC Media File Processing Integer Overflow Vulnerabilities
SA27223: Winamp FLAC Media File Processing Integer Overflows
SA27878: VLC Media Player ActiveX Plugin and FLAC Vulnerabilities
SECTRACK ID: 1018815: FLAC Integer Overflow Lets Remote Users Execute Arbitrary Code
SECTRACK ID: 1018974: FLAC Buffer Overflows, Double Free Errors, and Other Bugs Let Remote Users Execute Arbitrary Code
SUSE-SR:2007:022: SUSE Security Summary Report
US-CERT VU#544656: libFLAC contains multiple vulnerabilities
USN-540-1: flac vulnerability

Reported:

Oct 11, 2007

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page