CVE-2006-7075 Information

Description

Buffer overflow in the meta_read_flac function in meta_decoder.c for Aqualung 0.9beta5 and earlier and CVS 0.193.2 and earlier allows user-assisted attackers to execute arbitrary code via a long Vorbis comment in a Free Lossless Audio Codec (FLAC) file.

Reference

http://aluigi.altervista.org/adv/aquabof-adv.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/28310