diff options
| author | Martin Wilke <miwi@FreeBSD.org> | 2007-06-29 09:24:06 +0000 |
|---|---|---|
| committer | Martin Wilke <miwi@FreeBSD.org> | 2007-06-29 09:24:06 +0000 |
| commit | 6e69c5aa160bcd7715c22e28d833ba88165e62fd (patch) | |
| tree | fa0f24298d6a530a7257e1070c6bf44641df6170 | |
| parent | 854e3881a2c8dd6dbd72298885b88521e9df7a89 (diff) | |
| download | freebsd-ports-6e69c5aa160bcd7715c22e28d833ba88165e62fd.zip | |
- Document flac123 - stack overflow in comment parsing
Reviewed by: simon@
| -rw-r--r-- | security/vuxml/vuln.xml | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 579e3dbff164..1d8b3d81aae0 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -34,6 +34,33 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="32d38cbb-2632-11dc-94da-0016179b2dd5"> + <topic>flac123 -- stack overflow in comment parsing </topic> + <affects> + <package> + <name>flac123</name> + <range><lt>0.9.10</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>isecpartners reports:</p> + <blockquote cite="http://www.isecpartners.com/advisories/2007-002-flactools.txt"> + <p>flac123, also known as flac-tools, is vulnerable + to a buffer overflow in vorbis comment parsing. + This allows for the execution of arbitrary code.</p> + </blockquote> + </body> + </description> + <references> + <url>http://www.isecpartners.com/advisories/2007-002-flactools.txt</url> + </references> + <dates> + <discovery>2007-06-05</discovery> + <entry>2007-06-28</entry> + </dates> + </vuln> + <vuln vid="6e099997-25d8-11dc-878b-000c29c5647f"> <topic>gd -- multiple vulnerabilities</topic> <affects> |