Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mpg123 vulnerabilities and exploits
(subscribe to this query)
8.3
CVSSv3
CVE-2017-12839
A heap-based buffer over-read in the getbits function in src/libmpg123/getbits.h in mpg123 up to and including 1.25.5 allows remote malicious users to cause a possible denial-of-service (out-of-bounds read) or possibly have unspecified other impact via a crafted mp3 file.
Mpg123 Mpg123
7.5
CVSSv3
CVE-2014-9497
Buffer overflow in mpg123 prior to 1.18.0.
Mpg123 Mpg123
7.5
CVSSv3
CVE-2017-10683
In mpg123 1.25.0, there is a heap-based buffer over-read in the convert_latin1 function in libmpg123/id3.c. A crafted input will lead to a remote denial of service attack.
Mpg123 Mpg123 1.25.0
5.5
CVSSv3
CVE-2017-12797
Integer overflow in the INT123_parse_new_id3 function in the ID3 parser in mpg123 prior to 1.25.5 on 32-bit platforms allows remote malicious users to cause a denial of service via a crafted file, which triggers a heap-based buffer overflow.
Mpg123 Mpg123
5.5
CVSSv3
CVE-2017-9545
The next_text function in src/libmpg123/id3.c in mpg123 1.24.0 allows remote malicious users to cause a denial of service (buffer over-read) via a crafted mp3 file.
Mpg123 Mpg123 1.24.0
5.5
CVSSv3
CVE-2017-11126
The III_i_stereo function in libmpg123/layer3.c in mpg123 up to and including 1.25.1 allows remote malicious users to cause a denial of service (buffer over-read and application crash) via a crafted audio file that is mishandled in the code for the "block_type != 2" cas...
Mpg123 Mpg123
NA
CVE-2009-1301
Integer signedness error in the store_id3_text function in the ID3v2 code in mpg123 prior to 1.7.2 allows remote malicious users to cause a denial of service (out-of-bounds memory access) and possibly execute arbitrary code via an ID3 tag with a negative encoding value. NOTE: som...
Mpg123 Mpg123 0.59m
Mpg123 Mpg123 0.59n
Mpg123 Mpg123 0.59o
Mpg123 Mpg123 0.59p
Mpg123 Mpg123 1.6.3
Mpg123 Mpg123
Mpg123 Mpg123 0.59q
Mpg123 Mpg123 0.59r
Mpg123 Mpg123 1.7.0
Mpg123 Mpg123 1.6.4
Mpg123 Mpg123 0.62
Mpg123 Mpg123 0.59s
Mpg123 Mpg123 Pre0.59s
Mpg123 Mpg123 Pre0.59s R11
NA
CVE-2007-4396
Multiple CRLF injection vulnerabilities in (1) ixmmsa.pl 0.3, (2) l33tmusic.pl 2.00, (3) mpg123.pl 0.01, (4) ogg123.pl 0.01, (5) xmms.pl 2.0, (6) xmms2.pl 1.1.3, and (7) xmmsinfo.pl 1.1.1.1 scripts for irssi prior to 0.8.11 allow user-assisted remote malicious users to execute ar...
Irssi Irssi
NA
CVE-2007-4397
Multiple CRLF injection vulnerabilities in (1) xmms-thing 1.0, (2) XMMS Remote Control Script 1.07, (3) Disrok 1.0, (4) a2x 0.0.1, (5) Another xmms-info script 1.0, (6) XChat-XMMS 0.8.1, and other unspecified scripts for XChat allow user-assisted remote malicious users to execute...
Ricardo Mesquita Ogg123 0.01
Simon Xmms2 1.1.3
Mikachu L33t Xmms Music Showing Script 2.00
Ricardo Mesquita Mpg123 0.01
Kristof Korwisi Ixmmsa 0.3
Tuomas Jormola Xmmsinfo 1.1.1.1
Irssi Irssi
NA
CVE-2007-0578
The http_open function in httpget.c in mpg123 prior to 0.64 allows remote malicious users to cause a denial of service (infinite loop) by closing the HTTP connection early.
Mpg123 Mpg123 0.59m
Mpg123 Mpg123 0.59n
Mpg123 Mpg123 Pre0.59s
Mpg123 Mpg123 Pre0.59s R11
Mpg123 Mpg123 0.59q
Mpg123 Mpg123 0.59r
Mpg123 Mpg123 0.59o
Mpg123 Mpg123 0.59p
Mpg123 Mpg123 0.59s
Mpg123 Mpg123 0.62
Mpg123 Mpg123 0.63
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »