CVE-2007-0578
https://notcve.org/view.php?id=CVE-2007-0578
The http_open function in httpget.c in mpg123 before 0.64 allows remote attackers to cause a denial of service (infinite loop) by closing the HTTP connection early. La función http_open de httpget.c en mpg123 anterior al 0.64 permite a atacantes remotos provocar una denegación de servicio (bucle infinito) cerrando la conexión HTTP prematuramente. • http://osvdb.org/40128 http://sourceforge.net/project/shownotes.php?group_id=135704&release_id=478747 http://www.mandriva.com/security/advisories?name=MDKSA-2007:032 http://www.mpg123.de/cgi-bin/news.cgi http://www.securityfocus.com/bid/22274 http://www.vupen.com/english/advisories/2007/0366 •
CVE-2004-0991
https://notcve.org/view.php?id=CVE-2004-0991
Buffer overflow in mpg123 before 0.59s-r9 allows remote attackers to execute arbitrary code via frame headers in MP2 or MP3 files. • http://secunia.com/advisories/13779 http://secunia.com/advisories/13788 http://secunia.com/advisories/13899 http://security.gentoo.org/glsa/glsa-200501-14.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:009 http://www.securityfocus.com/bid/12218 •
CVE-2004-0805
https://notcve.org/view.php?id=CVE-2004-0805
Buffer overflow in layer2.c in mpg123 0.59r and possibly mpg123 0.59s allows remote attackers to execute arbitrary code via a certain (1) mp3 or (2) mp2 file. Desbordamiento de búfer en layer2.c en mpg123 0.59r y posiblemente en mpg123 0.59s permite a atacantes remotos ejecutar código arbitrario mediante ciertos ficheros mp3 o mp2. • http://lists.grok.org.uk/pipermail/full-disclosure/2004-September/026151.html http://www.alighieri.org/advisories/advisory-mpg123.txt http://www.debian.org/security/2004/dsa-564 http://www.gentoo.org/security/en/glsa/glsa-200409-20.xml http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:100 http://www.securityfocus.com/archive/1/374433 http://www.securityfocus.com/bid/11121 https://exchange.xforce.ibmcloud.com/vulnerabilities/17287 •
CVE-2003-0865 – MPG123 0.59 - Remote File Play Heap Corruption
https://notcve.org/view.php?id=CVE-2003-0865
Heap-based buffer overflow in readstring of httpget.c for mpg123 0.59r and 0.59s allows remote attackers to execute arbitrary code via a long request. Desbordamiento de búfer basado en el montón en readstring de httpget.c de mpg123 0.59r y 0.59s permite a atacantes remotos ejecutar código arbitrario mediante una petición muy grande. • https://www.exploit-db.com/exploits/23171 ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-002.0/CSSA-2004-002.0.txt http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000781 http://marc.info/?l=bugtraq&m=106493686331198&w=2 http://www.debian.org/security/2004/dsa-435 http://www.securityfocus.com/archive/1/338641 http://www.securityfocus.com/bid/8680 •