CVE-2004-0805
EPSS 5.8%mpg123 - missing user input sanitising
Published: 12/23/2004Modified: 4/28/2026
Description
Buffer overflow in layer2.c in mpg123 0.59r and possibly mpg123 0.59s allows remote attackers to execute arbitrary code via a certain (1) mp3 or (2) mp2 file.
Affected packages (3)
- Debian/mp3gainfrom 0, < 1.5.2-r2-6
- Debian/mpg123from 0, < 0.59r-16
- Debian/mpg123from 0, < 0.59r-13woody3