This script is Copyright (C) 2007-2014 Tenable Network Security, Inc.
The remote Gentoo host is missing one or more security-related
The remote host is affected by the vulnerability described in GLSA-200709-06
(flac123: Buffer overflow)
A possible buffer overflow vulnerability has been reported in the
local__vcentry_parse_value() function in vorbiscomment.c.
An attacker could entice a user to play a specially crafted audio file,
which could lead to the execution of arbitrary code with the privileges
of the user running the application.
There is no known workaround at this time.
See also :
All flac123 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=media-sound/flac123-0.0.11'
Risk factor :
High / CVSS Base Score : 9.3
Family: Gentoo Local Security Checks
Nessus Plugin ID: 26096 (gentoo_GLSA-200709-06.nasl)
CVE ID: CVE-2007-3507