Credit:
The information has been provided by iDefense Labs.
The original article can be found at: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=608
Vulnerable Systems:
* libFLAC version 1.2.0
Immune Systems:
* libFLAC version 1.2.1
These vulnerabilities specifically exist in the handling of malformed FLAC media files. In each case, an integer overflow can occur while calculating the amount of memory to allocate. As a result, insufficient memory is allocated for the data that is subsequently read in from the file, and a heap-based buffer overflow occurs.
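The bug class described above, shown as an added example that is not libFLAC source code: a 32-bit size calculation on file-supplied fields that wraps, next to a checked version that rejects the field before allocating. All function names, the count/element-size field layout and the sample values are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical names throughout; this is not code from libFLAC. */

/* Unchecked pattern: size computed in 32 bits from file-supplied fields.
 * The result wraps modulo 2^32, so the buffer ends up far smaller than
 * the data the parser goes on to read into it. */
uint32_t unchecked_size32(uint32_t count, uint32_t elem_size)
{
    return count * elem_size + 1u;            /* +1 for a terminator */
}

/* Checked pattern: refuse sizes that overflow size_t or that claim more
 * payload than the file has left. Returns 0 and sets *out on success. */
int checked_size(uint32_t count, uint32_t elem_size,
                 size_t remaining, size_t *out)
{
    if (elem_size != 0 && count > (SIZE_MAX - 1) / elem_size)
        return -1;                            /* product + 1 would wrap */
    size_t payload = (size_t)count * elem_size;
    if (payload > remaining)
        return -1;                            /* field lies about its length */
    *out = payload + 1;
    return 0;
}

/* Allocate a buffer for one length-prefixed field, or NULL if rejected. */
void *alloc_field(uint32_t count, uint32_t elem_size, size_t remaining)
{
    size_t n;
    if (checked_size(count, elem_size, remaining, &n) != 0)
        return NULL;
    return calloc(1, n);
}

int main(void)
{
    /* Constructed field values, as a malformed file might carry them. */
    printf("unchecked: %u bytes\n", (unsigned)unchecked_size32(0x40000000u, 4u));
    void *p = alloc_field(0x40000000u, 4u, 4096);
    printf("checked:   %s\n", p ? "allocated" : "rejected");
    free(p);
    return 0;
}
```

Bounding the claimed length by the bytes remaining in the file catches oversized fields even on 64-bit builds, where the multiplication itself no longer wraps.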
Analysis:
Exploitation allows remote attackers to execute arbitrary code in the context of the user attempting to play the media file. Exploitation requires that an attacker persuade a targeted user to open a malformed FLAC file.
Workaround:
For Winamp users, it is possible to remove support for the FLAC file format by uninstalling the FLAC input plug-in.
Vendor response:
The FLAC maintainers have released version 1.2.1 of FLAC to address these vulnerabilities. AOL Corp. has addressed this vulnerability in version 5.5 of Winamp. For more information see the FLAC change log at the following URL: http://flac.sourceforge.net/changelog.html
CVE Information:
CVE-2007-4619
Disclosure Timeline:
08/29/2007 - Initial vendor notification
08/29/2007 - Initial vendor response
10/11/2007 - Coordinated public disclosure