Описание
The next_text function in src/libmpg123/id3.c in mpg123 1.24.0 allows remote attackers to cause a denial of service (buffer over-read) via a crafted mp3 file.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| mpg123 | fixed | 1.25.4-1 | package | |
| mpg123 | no-dsa | stretch | package | |
| mpg123 | no-dsa | jessie | package | |
| mpg123 | no-dsa | wheezy | package |
Примечания
http://seclists.org/fulldisclosure/2017/Jul/65
EPSS
Процентиль: 71%
0.00671
Низкий
Связанные уязвимости
CVSS3: 5.5
ubuntu
больше 8 лет назад
The next_text function in src/libmpg123/id3.c in mpg123 1.24.0 allows remote attackers to cause a denial of service (buffer over-read) via a crafted mp3 file.
CVSS3: 5.5
nvd
больше 8 лет назад
The next_text function in src/libmpg123/id3.c in mpg123 1.24.0 allows remote attackers to cause a denial of service (buffer over-read) via a crafted mp3 file.
CVSS3: 5.5
github
больше 3 лет назад
The next_text function in src/libmpg123/id3.c in mpg123 1.24.0 allows remote attackers to cause a denial of service (buffer over-read) via a crafted mp3 file.
EPSS
Процентиль: 71%
0.00671
Низкий