Buffer overflow in the getauthfromURL function in httpget.c in mpg123 pre0.59s and mpg123 0.59r could allow remote attackers or local users to execute arbitrary code via an mp3 file that contains a long string before the @ (at sign) in a URL.
CVSS Score
10.0
EPSS Score
0.082
Published
2005-02-09
Buffer overflow in mpg123 before 0.59s-r9 allows remote attackers to execute arbitrary code via frame headers in MP2 or MP3 files.
CVSS Score
7.5
EPSS Score
0.05
Published
2005-01-11
Buffer overflow in the find_next_file function in playlist.c for mpg123 0.59r allows remote attackers to execute arbitrary code via a crafted MP3 playlist.
CVSS Score
10.0
EPSS Score
0.058
Published
2005-01-10
Buffer overflow in layer2.c in mpg123 0.59r and possibly mpg123 0.59s allows remote attackers to execute arbitrary code via a certain (1) mp3 or (2) mp2 file.
CVSS Score
7.5
EPSS Score
0.058
Published
2004-12-23
Heap-based buffer overflow in readstring of httpget.c for mpg123 0.59r and 0.59s allows remote attackers to execute arbitrary code via a long request.
CVSS Score
7.5
EPSS Score
0.195
Published
2003-11-17
mpg123 0.59r allows remote attackers to cause a denial of service and possibly execute arbitrary code via an MP3 file with a zero bitrate, which creates a negative frame size.
CVSS Score
7.5
EPSS Score
0.052
Published
2003-08-18
Page 2