Количество 10
Количество 10
GHSA-7m7j-pgpw-9g75
An out-of-bounds write flaw was found in mpg123 when handling crafted streams. When decoding PCM, the libmpg123 may write past the end of a heap-located buffer. Consequently, heap corruption may happen, and arbitrary code execution is not discarded. The complexity required to exploit this flaw is considered high as the payload must be validated by the MPEG decoder and the PCM synth before execution. Additionally, to successfully execute the attack, the user must scan through the stream, making web live stream content (such as web radios) a very unlikely attack vector.
CVE-2024-10573
An out-of-bounds write flaw was found in mpg123 when handling crafted streams. When decoding PCM, the libmpg123 may write past the end of a heap-located buffer. Consequently, heap corruption may happen, and arbitrary code execution is not discarded. The complexity required to exploit this flaw is considered high as the payload must be validated by the MPEG decoder and the PCM synth before execution. Additionally, to successfully execute the attack, the user must scan through the stream, making web live stream content (such as web radios) a very unlikely attack vector.
CVE-2024-10573
An out-of-bounds write flaw was found in mpg123 when handling crafted streams. When decoding PCM, the libmpg123 may write past the end of a heap-located buffer. Consequently, heap corruption may happen, and arbitrary code execution is not discarded. The complexity required to exploit this flaw is considered high as the payload must be validated by the MPEG decoder and the PCM synth before execution. Additionally, to successfully execute the attack, the user must scan through the stream, making web live stream content (such as web radios) a very unlikely attack vector.
CVE-2024-10573
An out-of-bounds write flaw was found in mpg123 when handling crafted streams. When decoding PCM, the libmpg123 may write past the end of a heap-located buffer. Consequently, heap corruption may happen, and arbitrary code execution is not discarded. The complexity required to exploit this flaw is considered high as the payload must be validated by the MPEG decoder and the PCM synth before execution. Additionally, to successfully execute the attack, the user must scan through the stream, making web live stream content (such as web radios) a very unlikely attack vector.
CVE-2024-10573
An out-of-bounds write flaw was found in mpg123 when handling crafted ...
ROS-20241220-02
Уязвимость mpg123
RLSA-2024:11193
Moderate: mpg123 security update
ELSA-2024-11242
ELSA-2024-11242: mpg123:1.32.9 security update (MODERATE)
ELSA-2024-11193
ELSA-2024-11193: mpg123 security update (MODERATE)
BDU:2024-11493
Уязвимость консольного MPEG аудиоплеера mpg123, связанная с возможностью записи за границами выделенной памяти, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-7m7j-pgpw-9g75 An out-of-bounds write flaw was found in mpg123 when handling crafted streams. When decoding PCM, the libmpg123 may write past the end of a heap-located buffer. Consequently, heap corruption may happen, and arbitrary code execution is not discarded. The complexity required to exploit this flaw is considered high as the payload must be validated by the MPEG decoder and the PCM synth before execution. Additionally, to successfully execute the attack, the user must scan through the stream, making web live stream content (such as web radios) a very unlikely attack vector. | CVSS3: 6.7 | 0% Низкий | 8 месяцев назад |
 | CVE-2024-10573 An out-of-bounds write flaw was found in mpg123 when handling crafted streams. When decoding PCM, the libmpg123 may write past the end of a heap-located buffer. Consequently, heap corruption may happen, and arbitrary code execution is not discarded. The complexity required to exploit this flaw is considered high as the payload must be validated by the MPEG decoder and the PCM synth before execution. Additionally, to successfully execute the attack, the user must scan through the stream, making web live stream content (such as web radios) a very unlikely attack vector. | CVSS3: 6.7 | 0% Низкий | 8 месяцев назад |
 | CVE-2024-10573 An out-of-bounds write flaw was found in mpg123 when handling crafted streams. When decoding PCM, the libmpg123 may write past the end of a heap-located buffer. Consequently, heap corruption may happen, and arbitrary code execution is not discarded. The complexity required to exploit this flaw is considered high as the payload must be validated by the MPEG decoder and the PCM synth before execution. Additionally, to successfully execute the attack, the user must scan through the stream, making web live stream content (such as web radios) a very unlikely attack vector. | CVSS3: 6.7 | 0% Низкий | 8 месяцев назад |
 | CVE-2024-10573 An out-of-bounds write flaw was found in mpg123 when handling crafted streams. When decoding PCM, the libmpg123 may write past the end of a heap-located buffer. Consequently, heap corruption may happen, and arbitrary code execution is not discarded. The complexity required to exploit this flaw is considered high as the payload must be validated by the MPEG decoder and the PCM synth before execution. Additionally, to successfully execute the attack, the user must scan through the stream, making web live stream content (such as web radios) a very unlikely attack vector. | CVSS3: 6.7 | 0% Низкий | 8 месяцев назад |
| CVE-2024-10573 An out-of-bounds write flaw was found in mpg123 when handling crafted ... | CVSS3: 6.7 | 0% Низкий | 8 месяцев назад |
 | ROS-20241220-02 Уязвимость mpg123 | CVSS3: 6.7 | 0% Низкий | 6 месяцев назад |
 | RLSA-2024:11193 Moderate: mpg123 security update | 0% Низкий | около 2 месяцев назад | |
| ELSA-2024-11242 ELSA-2024-11242: mpg123:1.32.9 security update (MODERATE) | 6 месяцев назад | ||
| ELSA-2024-11193 ELSA-2024-11193: mpg123 security update (MODERATE) | 6 месяцев назад | ||
 | BDU:2024-11493 Уязвимость консольного MPEG аудиоплеера mpg123, связанная с возможностью записи за границами выделенной памяти, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании | CVSS3: 6.7 | 0% Низкий | 8 месяцев назад |
Уязвимостей на страницу