CVE-2007-5301

Buffer overflow in the vorbis_stream_info function in input/vorbis/vorbis_engine.c (aka the vorbis input plugin) in AlsaPlayer before 0.99.80-rc3 allows remote attackers to execute arbitrary code via a .OGG file with long comments.

Date published : 2007-10-09

http://www.securityfocus.com/bid/25969

http://www.securityfocus.com/archive/1/490671/100/0/threaded