CVE-2004-0991

Published: Jan 11, 2005Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Buffer overflow in mpg123 before 0.59s-r9 allows remote attackers to execute arbitrary code via frame headers in MP2 or MP3 files.

Affected (15)

Products: Mpg123: Mpg123 · Suse: Suse Linux

1 product

1 product

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
Mpg123 Mpg123	Version 0.59m
Mpg123 Mpg123	Version 0.59n
Mpg123 Mpg123	Version 0.59o
Mpg123 Mpg123	Version 0.59p
Mpg123 Mpg123	Version 0.59q
Mpg123 Mpg123	Version 0.59r
Mpg123 Mpg123	Version 0.59s

Configuration B

8 vulnerable

Vulnerable Software	Affected Versions
Suse Suse Linux	Version 8.0
Suse Suse Linux	Version 8.0
Suse Suse Linux	Version 8.1
Suse Suse Linux	Version 8.2
Suse Suse Linux	Version 9.0
Suse Suse Linux	Version 9.0
Suse Suse Linux	Version 9.1
Suse Suse Linux	Version 9.2

References (12)

http://secunia.com/advisories/13779

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/13788

Source: cve@mitre.org

http://secunia.com/advisories/13899

Source: cve@mitre.org

http://security.gentoo.org/glsa/glsa-200501-14.xml

Source: cve@mitre.org

PatchVendor Advisory

http://www.mandriva.com/security/advisories?name=MDKSA-2005:009

Source: cve@mitre.org

http://www.securityfocus.com/bid/12218

Source: cve@mitre.org

http://secunia.com/advisories/13779

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/13788

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/13899

Source: af854a3a-2127-422b-91ae-364da2661108

http://security.gentoo.org/glsa/glsa-200501-14.xml

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.mandriva.com/security/advisories?name=MDKSA-2005:009

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/12218

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.