CVE-2004-0805

EPSS 5.8%

mpg123 - missing user input sanitising

發布日:2004/12/23修改日:2026/4/28

描述

Buffer overflow in layer2.c in mpg123 0.59r and possibly mpg123 0.59s allows remote attackers to execute arbitrary code via a certain (1) mp3 or (2) mp2 file.

受影響套件(3)

Debian/mp3gainfrom 0, < 1.5.2-r2-6
Debian/mpg123from 0, < 0.59r-16
Debian/mpg123from 0, < 0.59r-13woody3

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2004-0805