Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mpg123 mpg123 vulnerabilities and exploits
(subscribe to this query)
8.3
CVSSv3
CVE-2017-12839
A heap-based buffer over-read in the getbits function in src/libmpg123/getbits.h in mpg123 up to and including 1.25.5 allows remote malicious users to cause a possible denial-of-service (out-of-bounds read) or possibly have unspecified other impact via a crafted mp3 file.
Mpg123 Mpg123
7.5
CVSSv3
CVE-2014-9497
Buffer overflow in mpg123 prior to 1.18.0.
Mpg123 Mpg123
7.5
CVSSv3
CVE-2017-10683
In mpg123 1.25.0, there is a heap-based buffer over-read in the convert_latin1 function in libmpg123/id3.c. A crafted input will lead to a remote denial of service attack.
Mpg123 Mpg123 1.25.0
5.5
CVSSv3
CVE-2017-12797
Integer overflow in the INT123_parse_new_id3 function in the ID3 parser in mpg123 prior to 1.25.5 on 32-bit platforms allows remote malicious users to cause a denial of service via a crafted file, which triggers a heap-based buffer overflow.
Mpg123 Mpg123
5.5
CVSSv3
CVE-2017-9545
The next_text function in src/libmpg123/id3.c in mpg123 1.24.0 allows remote malicious users to cause a denial of service (buffer over-read) via a crafted mp3 file.
Mpg123 Mpg123 1.24.0
5.5
CVSSv3
CVE-2017-11126
The III_i_stereo function in libmpg123/layer3.c in mpg123 up to and including 1.25.1 allows remote malicious users to cause a denial of service (buffer over-read and application crash) via a crafted audio file that is mishandled in the code for the "block_type != 2" cas...
Mpg123 Mpg123
NA
CVE-2009-1301
Integer signedness error in the store_id3_text function in the ID3v2 code in mpg123 prior to 1.7.2 allows remote malicious users to cause a denial of service (out-of-bounds memory access) and possibly execute arbitrary code via an ID3 tag with a negative encoding value. NOTE: som...
Mpg123 Mpg123 0.59n
Mpg123 Mpg123 0.59r
Mpg123 Mpg123 Pre0.59s R11
Mpg123 Mpg123 0.59q
Mpg123 Mpg123 0.62
Mpg123 Mpg123 0.59m
Mpg123 Mpg123 1.6.4
Mpg123 Mpg123 0.59o
Mpg123 Mpg123 Pre0.59s
Mpg123 Mpg123 1.7.0
Mpg123 Mpg123 0.59s
Mpg123 Mpg123
Mpg123 Mpg123 0.59p
Mpg123 Mpg123 1.6.3
NA
CVE-2007-4396
Multiple CRLF injection vulnerabilities in (1) ixmmsa.pl 0.3, (2) l33tmusic.pl 2.00, (3) mpg123.pl 0.01, (4) ogg123.pl 0.01, (5) xmms.pl 2.0, (6) xmms2.pl 1.1.3, and (7) xmmsinfo.pl 1.1.1.1 scripts for irssi prior to 0.8.11 allow user-assisted remote malicious users to execute ar...
Irssi Irssi
NA
CVE-2007-4397
Multiple CRLF injection vulnerabilities in (1) xmms-thing 1.0, (2) XMMS Remote Control Script 1.07, (3) Disrok 1.0, (4) a2x 0.0.1, (5) Another xmms-info script 1.0, (6) XChat-XMMS 0.8.1, and other unspecified scripts for XChat allow user-assisted remote malicious users to execute...
Tuomas Jormola Xmmsinfo 1.1.1.1
Ricardo Mesquita Ogg123 0.01
Mikachu L33t Xmms Music Showing Script 2.00
Simon Xmms2 1.1.3
Kristof Korwisi Ixmmsa 0.3
Irssi Irssi
Ricardo Mesquita Mpg123 0.01
NA
CVE-2007-0578
The http_open function in httpget.c in mpg123 prior to 0.64 allows remote malicious users to cause a denial of service (infinite loop) by closing the HTTP connection early.
Mpg123 Mpg123 0.59n
Mpg123 Mpg123 0.59r
Mpg123 Mpg123 Pre0.59s R11
Mpg123 Mpg123 0.59q
Mpg123 Mpg123 0.62
Mpg123 Mpg123 0.59m
Mpg123 Mpg123 0.59o
Mpg123 Mpg123 Pre0.59s
Mpg123 Mpg123 0.59s
Mpg123 Mpg123 0.63
Mpg123 Mpg123 0.59p
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »