Multiple FLAC Vulnerabilities Affect Every OS

Enon writes "eEye Digital Security has discovered 14 vulnerabilities in the FLAC file format that affect a huge range of media players on every supported operating system (Windows, Mac OS, Linux, Unix, BSD, Solaris, and even some hardware players are vulnerable). Heise points out a number of vulnerable apps that use the open source libavcodec audio codec library, which in turn relies on the flawed libFLAC library. These vulnerabilities could allow a person of ill will to trojanize FLAC files that could compromise your computer if they are played on a vulnerable media player. eEye worked with US-CERT to notify vulnerable vendors."

Re:Time to write libraries like these in OCaml.

[bmo]

Just because I have karma to burn and I don't care...

Performant is not a word.

Efficient is a word.

Making up jargon to sound erudite actually makes you sound stupid.

Thank you and have a nice day.

--
BMO

Comment removed

[account_deleted]

Comment removed based on user account deletion

This comment not modded up yet

[QuantumG]

Come on you retards with mod points, here's a guy making a completely non-sense statement on Slashdot. Mod him up! Geez, what's taking you so long?

Hmm.. maybe "ComputerPhreak" really is the stupidest person here.

Re:don't need root for a rootkit

[Gothmolly]

Except that this only affects YOUR processes, not root's. So you are not "so pwn3d". Ask your buddies on IRC for something cleverer next time. Nice OLPC troll though, it got you some karma.

Re:root listens to audio?

[SirTalon42]

sudo wouldn't be any more immune to the keystrokes being logged than su.