Mandriva Update For Flac MDKSA-2007:214 (flac) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

A security vulnerability was discovered in how flac processed audio data. An attacker could create a carefully crafted FLAC audio file that could cause an application linked against the flac libraries to crash or execute arbitrary code when opened. Updated packages have been patched to prevent this issue.

Affected

flac on Mandriva Linux 2007.0, Mandriva Linux 2007.0/X86_64, Mandriva Linux 2007.1, Mandriva Linux 2007.1/X86_64, Mandriva Linux 2008.0, Mandriva Linux 2008.0/X86_64

Severity

Classification

CVE CVE-2007-4619
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:096 (printer-drivers)
Mandrake Security Advisory MDVSA-2009:035 (gstreamer0.10-plugins-good)
Mandrake Security Advisory MDVSA-2009:140 (gaim)
Mandrake Security Advisory MDVSA-2009:023 (php)
Mandrake Security Advisory MDVSA-2009:143 (netpbm)

Mandriva Update for flac MDKSA-2007:214 (flac)

Take action and discover your vulnerabilities