CVE-2007-6278

描述

Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1 allows user-assisted remote attackers to force a client to download arbitrary files via the MIME-Type URL flag (-->) for the FLAC image file in a crafted .FLAC file.

受影響套件(1)

• Debian/flacfrom 0, < 1.2.1-1

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2007-6278