CVE-2014-9028

Опубликовано: 26 нояб. 2014

Источник: debian

EPSS Средний

Описание

Heap-based buffer overflow in stream_decoder.c in libFLAC before 1.3.1 allows remote attackers to execute arbitrary code via a crafted .flac file.

Пакет	Статус	Версия исправления	Релиз	Тип
flac	fixed	1.3.0-3		package

Upstream patches:
https://github.com/xiph/flac/commit/fcf0ba06ae12ccd7c67cee3c8d948df15f946b85 (1.3.1pre1)
https://github.com/xiph/flac/commit/5a365996d739bdf4711af51d9c2c71c8a5e14660 (1.3.1)

EPSS

Процентиль: 96%

0.25739

Средний

CVE-2014-9028

ubuntu

почти 11 лет назад

Heap-based buffer overflow in stream_decoder.c in libFLAC before 1.3.1 allows remote attackers to execute arbitrary code via a crafted .flac file.

CVE-2014-9028

redhat

почти 11 лет назад

Heap-based buffer overflow in stream_decoder.c in libFLAC before 1.3.1 allows remote attackers to execute arbitrary code via a crafted .flac file.

CVE-2014-9028

nvd

почти 11 лет назад

Heap-based buffer overflow in stream_decoder.c in libFLAC before 1.3.1 allows remote attackers to execute arbitrary code via a crafted .flac file.

GHSA-6x2f-7ggw-rc86

github

больше 3 лет назад

Heap-based buffer overflow in stream_decoder.c in libFLAC before 1.3.1 allows remote attackers to execute arbitrary code via a crafted .flac file.

ELSA-2015-0767

oracle-oval

больше 10 лет назад

ELSA-2015-0767: flac security update (IMPORTANT)

EPSS

Процентиль: 96%

0.25739

Средний