Vulnerabilities > CVE-2006-7075 - Remote Security vulnerability in Aqualung 0.9Beta5

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
aqualung
NVD
Published: 2007-03-02
Updated: 2017-07-29

Summary

Buffer overflow in the meta_read_flac function in meta_decoder.c for Aqualung 0.9beta5 and earlier, and CVS 0.193.2 and earlier, allows user-assisted attackers to execute arbitrary code via a long Vorbis comment in a Free Lossless Audio Codec (FLAC) file.

Vulnerable Configurations

Part Description Count
Application
Aqualung
1

References