Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0865

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2003-0865
Last Modified 05 Sep 2008 04:35:28
Published 17 Nov 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0865

Summary

Heap-based buffer overflow in readstring of httpget.c for mpg123 0.59r and 0.59s allows remote attackers to execute arbitrary code via a long request.

Vulnerable Systems

Application

  • Mpg123 0.59r

  • Mpg123 0.59s


References

BID - 8680

DEBIAN - DSA-435

BUGTRAQ - 20030930 GLSA: mpg123 (200309-17)

BUGTRAQ - 20030923 mpg123[v0.59r,v0.59s]: remote client-side heap corruption exploit.

SCO - CSSA-2004-002.0

CONECTIVA - CLA-2003:781


Last Updated: 27 May 2016 10:38:05