suse · CVE-2007-4974

Quick triage

Priority: high Published: 2021-05-30 12:40:09 UTC Updated: 2026-04-18 20:31:50 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2007-4974 severity important: SUSE including 15 source package names (ardour-6.9.0-1.1, libsndfile-1.0.20-2.1.46, …), 18 product×package rows across 7 product lines (SUSE Linux Enterprise Server 11 SP1, SUSE Linux Enterprise Server 11 SP2, … (7 product lines)): Fixed 18.

Description:

Heap-based buffer overflow in the flac_buffer_copy function in libsndfile 1.0.17 and earlier might allow remote attackers to execute arbitrary code via a FLAC file with crafted PCM data containing a block with a size that exceeds the previous block size.

cvelogic Threat Intelligence