CVE-2007-6278
Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1 allows user-assisted remote attackers to force a client to download arbitrary files via the MIME-Type URL flag (–>) for the FLAC image file in a crafted .FLAC file.
Date published : 2007-12-07
http://www.securityfocus.com/archive/1/483765/100/200/threaded