CVE-2007-6278

Name of the Vulnerable Software and Affected Versions Free Lossless Audio Codec (FLAC) versions prior to 1.2.1

Description The issue allows user-assisted remote attackers to force a client to download arbitrary files via the MIME-Type URL flag for the FLAC image file in a crafted .FLAC file.

Recommendations For versions prior to 1.2.1, update to version 1.2.1 or later to resolve the issue.