Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

Gentoo: GLSA-200412-22 Normal: mpg123 Playlist Buffer Overflow Risk

gentoo
Calendar Grey December 21, 2004
Dist Gentoo Esm H88
mpg123 has a buffer overflow vulnerability; an upgrade is suggested to mitigate potential code execution threats. Severity is moderate.
mpg123 is vulnerable to a buffer overflow that allows an attacker to execute arbitrary code through the use of a malicious playlist.

Summary

Gentoo Linux Security Advisory GLSA 200412-22 https://security.gentoo.org/ Severity: Normal Title: mpg123: Playlist buffer overflow Date: December 21, 2004 Bugs: #74692 ID: 200412-22

Synopsis ======= mpg123 is vulnerable to a buffer overflow that allows an attacker to execute arbitrary code through the use of a malicious playlist.
Background ========= mpg123 is a MPEG Audio Player.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 media-sound/mpg123 < 0.59s-r8 >= 0.59s-r8
========== Bartlomiej Sieka discovered that mpg123 contains an unsafe strcat() to an array in playlist.c. This code vulnerability may lead to a buffer overflow.
Impact ===== A remote attacker co...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory gentoo buffer overflow code execution mpg123 risk normal severity

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory gentoo buffer overflow code execution mpg123 risk normal severity

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here