CVSS: 7.5EPSS: 9%CPEs: 15EXPL: 0CVE-2004-0991
https://notcve.org/view.php?id=CVE-2004-0991
Buffer overflow in mpg123 before 0.59s-r9 allows remote attackers to execute arbitrary code via frame headers in MP2 or MP3 files. • http://secunia.com/advisories/13779 http://secunia.com/advisories/13788 http://secunia.com/advisories/13899 http://security.gentoo.org/glsa/glsa-200501-14.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:009 http://www.securityfocus.com/bid/12218 •
CVSS: 10.0EPSS: 5%CPEs: 7EXPL: 2CVE-2004-1284 – MPG123 0.59 - Find Next File Remote Client-Side Buffer Overflow
https://notcve.org/view.php?id=CVE-2004-1284
Buffer overflow in the find_next_file function in playlist.c for mpg123 0.59r allows remote attackers to execute arbitrary code via a crafted MP3 playlist. • https://www.exploit-db.com/exploits/24852 http://tigger.uic.edu/~jlongs2/holes/mpg123.txt http://www.novell.com/linux/security/advisories/2005_01_sr.html https://exchange.xforce.ibmcloud.com/vulnerabilities/18626 •
CVSS: 10.0EPSS: 3%CPEs: 2EXPL: 0CVE-2004-0982
https://notcve.org/view.php?id=CVE-2004-0982
Buffer overflow in the getauthfromURL function in httpget.c in mpg123 pre0.59s and mpg123 0.59r could allow remote attackers or local users to execute arbitrary code via an mp3 file that contains a long string before the @ (at sign) in a URL. • http://marc.info/?l=bugtraq&m=109834486312407&w=2 http://secunia.com/advisories/12908 http://securitytracker.com/id?1011832 http://www.barrossecurity.com/advisories/mpg123_getauthfromurl_bof_advisory.txt http://www.debian.org/security/2004/dsa-578 http://www.gentoo.org/security/en/glsa/glsa-200410-27.xml http://www.osvdb.org/11023 http://www.securityfocus.com/bid/11468 https://exchange.xforce.ibmcloud.com/vulnerabilities/17574 •
CVSS: 7.5EPSS: 11%CPEs: 8EXPL: 0CVE-2004-0805
https://notcve.org/view.php?id=CVE-2004-0805
Buffer overflow in layer2.c in mpg123 0.59r and possibly mpg123 0.59s allows remote attackers to execute arbitrary code via a certain (1) mp3 or (2) mp2 file. Desbordamiento de búfer en layer2.c en mpg123 0.59r y posiblemente en mpg123 0.59s permite a atacantes remotos ejecutar código arbitrario mediante ciertos ficheros mp3 o mp2. • http://lists.grok.org.uk/pipermail/full-disclosure/2004-September/026151.html http://www.alighieri.org/advisories/advisory-mpg123.txt http://www.debian.org/security/2004/dsa-564 http://www.gentoo.org/security/en/glsa/glsa-200409-20.xml http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:100 http://www.securityfocus.com/archive/1/374433 http://www.securityfocus.com/bid/11121 https://exchange.xforce.ibmcloud.com/vulnerabilities/17287 •
CVSS: 7.5EPSS: 44%CPEs: 2EXPL: 3CVE-2003-0865 – MPG123 0.59 - Remote File Play Heap Corruption
https://notcve.org/view.php?id=CVE-2003-0865
Heap-based buffer overflow in readstring of httpget.c for mpg123 0.59r and 0.59s allows remote attackers to execute arbitrary code via a long request. Desbordamiento de búfer basado en el montón en readstring de httpget.c de mpg123 0.59r y 0.59s permite a atacantes remotos ejecutar código arbitrario mediante una petición muy grande. • https://www.exploit-db.com/exploits/23171 ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-002.0/CSSA-2004-002.0.txt http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000781 http://marc.info/?l=bugtraq&m=106493686331198&w=2 http://www.debian.org/security/2004/dsa-435 http://www.securityfocus.com/archive/1/338641 http://www.securityfocus.com/bid/8680 •