CVSS: 7.5EPSS: 11%CPEs: 8EXPL: 0CVE-2004-0805
https://notcve.org/view.php?id=CVE-2004-0805
Buffer overflow in layer2.c in mpg123 0.59r and possibly mpg123 0.59s allows remote attackers to execute arbitrary code via a certain (1) mp3 or (2) mp2 file. Desbordamiento de búfer en layer2.c en mpg123 0.59r y posiblemente en mpg123 0.59s permite a atacantes remotos ejecutar código arbitrario mediante ciertos ficheros mp3 o mp2. • http://lists.grok.org.uk/pipermail/full-disclosure/2004-September/026151.html http://www.alighieri.org/advisories/advisory-mpg123.txt http://www.debian.org/security/2004/dsa-564 http://www.gentoo.org/security/en/glsa/glsa-200409-20.xml http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:100 http://www.securityfocus.com/archive/1/374433 http://www.securityfocus.com/bid/11121 https://exchange.xforce.ibmcloud.com/vulnerabilities/17287 •
CVSS: 7.5EPSS: 44%CPEs: 2EXPL: 3CVE-2003-0865 – MPG123 0.59 - Remote File Play Heap Corruption
https://notcve.org/view.php?id=CVE-2003-0865
Heap-based buffer overflow in readstring of httpget.c for mpg123 0.59r and 0.59s allows remote attackers to execute arbitrary code via a long request. Desbordamiento de búfer basado en el montón en readstring de httpget.c de mpg123 0.59r y 0.59s permite a atacantes remotos ejecutar código arbitrario mediante una petición muy grande. • https://www.exploit-db.com/exploits/23171 ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-002.0/CSSA-2004-002.0.txt http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000781 http://marc.info/?l=bugtraq&m=106493686331198&w=2 http://www.debian.org/security/2004/dsa-435 http://www.securityfocus.com/archive/1/338641 http://www.securityfocus.com/bid/8680 •
CVSS: 7.5EPSS: 9%CPEs: 2EXPL: 0CVE-2003-0577
https://notcve.org/view.php?id=CVE-2003-0577
mpg123 0.59r allows remote attackers to cause a denial of service and possibly execute arbitrary code via an MP3 file with a zero bitrate, which creates a negative frame size. mpg123 0.59r permite a atacantes remotos causar denegación de servicio, y posiblemente ejecutar código arbitrario mediante un fichero MP3 con tasa binaria cero, lo que crea un tamaño de marco negativo. • ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-002.0/CSSA-2004-002.0.txt http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000695 http://secunia.com/advisories/7875 http://www.mandriva.com/security/advisories?name=MDKSA-2003:078 http://www.securityfocus.com/archive/1/306903 http://www.securityfocus.com/bid/6629 •