CVE-2007-0578

Published: Jan 30, 2007Modified: Apr 23, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:P

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

The http_open function in httpget.c in mpg123 before 0.64 allows remote attackers to cause a denial of service (infinite loop) by closing the HTTP connection early.

Affected (11)

Products: Mpg123: Mpg123

1 product

Configuration A

11 vulnerable

Vulnerable Software	Affected Versions
Mpg123 Mpg123	Version 0.59m
Mpg123 Mpg123	Version 0.59n
Mpg123 Mpg123	Version 0.59o
Mpg123 Mpg123	Version 0.59p
Mpg123 Mpg123	Version 0.59q
Mpg123 Mpg123	Version 0.59r
Mpg123 Mpg123	Version 0.59s
Mpg123 Mpg123	Version 0.62
Mpg123 Mpg123	Version 0.63
Mpg123 Mpg123	Version pre0.59s
Mpg123 Mpg123	Version pre0.59s_r11

References (12)

http://osvdb.org/40128

Source: cve@mitre.org

http://sourceforge.net/project/shownotes.php?group_id=135704&release_id=478747

Source: cve@mitre.org

PatchVendor Advisory

http://www.mandriva.com/security/advisories?name=MDKSA-2007:032

Source: cve@mitre.org

http://www.mpg123.de/cgi-bin/news.cgi

Source: cve@mitre.org

PatchVendor Advisory

http://www.securityfocus.com/bid/22274

Source: cve@mitre.org

PatchVendor Advisory

http://www.vupen.com/english/advisories/2007/0366

Source: cve@mitre.org

http://osvdb.org/40128

Source: af854a3a-2127-422b-91ae-364da2661108

http://sourceforge.net/project/shownotes.php?group_id=135704&release_id=478747

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.mandriva.com/security/advisories?name=MDKSA-2007:032

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mpg123.de/cgi-bin/news.cgi

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.securityfocus.com/bid/22274

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.vupen.com/english/advisories/2007/0366

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.