Summary
The remote host is missing an update to flac announced via advisory DSA 1469-1.
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201469-1
Insight
Sean de Regge and Greg Linares discovered multiple heap-based and stack-based buffer overflows in FLAC, the Free Lossless Audio Codec, which could lead to the execution of arbitrary code.
For the unstable distribution (sid), these problems have been fixed in version 1.2.1-1.
For the stable distribution (etch), these problems have been fixed in version 1.1.2-8.
For the old stable distribution (sarge), these problems have been fixed in version 1.1.1-5sarge1.
We recommend that you upgrade your flac packages.
Severity
Classification
CVE: CVE-2007-4619, CVE-2007-6277
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C