Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Gentoo: GLSA-200607-01 Normal: mpg123 Heap Overflow Execution Threat

gentoo
Calendar Grey July 3, 2006
Dist Gentoo Esm H88
Gentoo Security Bulletin announces a critical buffer overflow in ffmpeg, classified as medium severity, requiring prompt action
A heap overflow in mpg123 was discovered, which could result in the execution of arbitrary code.

Summary

Gentoo Linux Security Advisory GLSA 200607-01 https://security.gentoo.org/ Severity: Normal Title: mpg123: Heap overflow Date: July 03, 2006 Bugs: #133988 ID: 200607-01

Synopsis ======= A heap overflow in mpg123 was discovered, which could result in the execution of arbitrary code.
Background ========= mpg123 is a real time audio player designed for the MPEG format.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 media-sound/mpg123 < 0.59s-r11 >= 0.59s-r11
========== In httpdget.c, a variable is assigned to the heap, and is supposed to receive a smaller allocation. As this variable was not terminated properly, strncpy() will overwrite the data assigned next...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory gentoo arbitrary code execution heap overflow mpg123 normal severity execution threat

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory gentoo arbitrary code execution heap overflow mpg123 normal severity execution threat

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here