CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 1CVE-2017-12839
https://notcve.org/view.php?id=CVE-2017-12839
09 May 2019 — A heap-based buffer over-read in the getbits function in src/libmpg123/getbits.h in mpg123 through 1.25.5 allows remote attackers to cause a possible denial-of-service (out-of-bounds read) or possibly have unspecified other impact via a crafted mp3 file. se presenta una vulnerabilidad en una sobre-lectura del búfer en la región heap de la memoria en la función getbits en src/libmpg123/ getbits.h en mpg123 versión 1.25.5, permite a los atacantes remotos generar una posible Denegación de Servicio (DoS) (lectu... • https://sourceforge.net/p/mpg123/bugs/255 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-12797
https://notcve.org/view.php?id=CVE-2017-12797
29 Aug 2017 — Integer overflow in the INT123_parse_new_id3 function in the ID3 parser in mpg123 before 1.25.5 on 32-bit platforms allows remote attackers to cause a denial of service via a crafted file, which triggers a heap-based buffer overflow. Un desbordamiento de números enteros en la función INT123_parse_new_id3 en el párser ID3 en mpg123 en versiones anteriores a la 1.25.5 en plataformas de 32 bits permite que atacantes remotos provoquen una denegación de servicio mediante un archivo manipulado, lo que desencadena... • https://sourceforge.net/p/mpg123/bugs/254 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-11126
https://notcve.org/view.php?id=CVE-2017-11126
10 Jul 2017 — The III_i_stereo function in libmpg123/layer3.c in mpg123 through 1.25.1 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted audio file that is mishandled in the code for the "block_type != 2" case, a similar issue to CVE-2017-9870. La función III_i_stereo en el archivo libmpg123/layer3.c en mpg123 hasta versión 1.25.1, permite a los atacantes remotos causar una denegación de servicio (lectura excesiva de búfer y bloqueo de aplicación) por medio de un ... • http://openwall.com/lists/oss-security/2017/07/10/4 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2014-9497 – Gentoo Linux Security Advisory 201502-01
https://notcve.org/view.php?id=CVE-2014-9497
06 Feb 2015 — Buffer overflow in mpg123 before 1.18.0. Existe una vulnerabilidad de desbordamiento de búfer en mpg123 en versiones anteriores a la 1.18.0. A vulnerability has been found in mpg123, which could result in arbitrary code execution. Versions less than 1.18.1 are affected. • http://www.openwall.com/lists/oss-security/2015/01/04/5 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 8%CPEs: 14EXPL: 0CVE-2009-1301
https://notcve.org/view.php?id=CVE-2009-1301
16 Apr 2009 — Integer signedness error in the store_id3_text function in the ID3v2 code in mpg123 before 1.7.2 allows remote attackers to cause a denial of service (out-of-bounds memory access) and possibly execute arbitrary code via an ID3 tag with a negative encoding value. NOTE: some of these details are obtained from third party information. Error de presencia de signo entero en la función store_id3_text en el código ID3v2 en mpg123 antes de 1.7.2 permite a atacantes remotos provocar una denegación de servicio (acces... • http://bugs.gentoo.org/show_bug.cgi?id=265342 • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 1%CPEs: 11EXPL: 0CVE-2007-0578
https://notcve.org/view.php?id=CVE-2007-0578
30 Jan 2007 — The http_open function in httpget.c in mpg123 before 0.64 allows remote attackers to cause a denial of service (infinite loop) by closing the HTTP connection early. La función http_open de httpget.c en mpg123 anterior al 0.64 permite a atacantes remotos provocar una denegación de servicio (bucle infinito) cerrando la conexión HTTP prematuramente. • http://osvdb.org/40128 •
CVSS: 9.8EPSS: 5%CPEs: 15EXPL: 0CVE-2004-0991
https://notcve.org/view.php?id=CVE-2004-0991
11 Jan 2005 — Buffer overflow in mpg123 before 0.59s-r9 allows remote attackers to execute arbitrary code via frame headers in MP2 or MP3 files. • http://secunia.com/advisories/13779 •
CVSS: 10.0EPSS: 5%CPEs: 7EXPL: 2CVE-2004-1284 – MPG123 0.59 - Find Next File Remote Client-Side Buffer Overflow
https://notcve.org/view.php?id=CVE-2004-1284
22 Dec 2004 — Buffer overflow in the find_next_file function in playlist.c for mpg123 0.59r allows remote attackers to execute arbitrary code via a crafted MP3 playlist. • https://www.exploit-db.com/exploits/24852 •