Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0805

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2004-0805
Last Modified 10 Sep 2008 03:27:50
Published 23 Dec 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0805

Summary

Buffer overflow in layer2.c in mpg123 0.59r and possibly mpg123 0.59s allows remote attackers to execute arbitrary code via a certain (1) mp3 or (2) mp2 file.

Vulnerable Systems

Operating System

  • Mandrakesoft Mandrake Linux 10.0

  • Mandrakesoft Mandrake Linux 9.2

  • Mandrakesoft Mandrake Linux Corporate Server 2.1

Application

  • Mpg123 0.59r

  • Mpg123 0.59s


References

XF - mpg123-layer2c-bo(17287)

DEBIAN - DSA-564

BID - 11121

BUGTRAQ - 20040916 mpg123 buffer overflow vulnerability

MANDRAKE - MDKSA-2004:100

GENTOO - GLSA-200409-20

MISC - http://www.alighieri.org/advisories/advisory-mpg123.txt

FULLDISC - 20040907 mpg123 buffer overflow vulnerability


Last Updated: 27 May 2016 10:38:46