CVE-2007-6278

Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1 allows user-assisted remote attackers to force a client to download arbitrary files via the MIME-Type URL flag (-->) for the FLAC image file in a crafted .FLAC file.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:flac:libflac:*:*:*:*:*:*:*:*

Information

Published : 2007-12-07 03:46

Updated : 2018-10-15 14:51


NVD link : CVE-2007-6278

Mitre link : CVE-2007-6278


JSON object : View

CWE
CWE-264

Permissions, Privileges, and Access Controls

CWE-20

Improper Input Validation

Advertisement

dedicated server usa

Products Affected

flac

  • libflac