Download
| Alert*
oval:org.secpod.oval:def:113246
mpg123 is installed oval:org.secpod.oval:def:704567 mpg123 is installed oval:org.secpod.oval:def:1800275 The III_i_stereo function in libmpg123/layer3.c in mpg123 through 1.25.1 allows attackers to cause a denial of service via a crafted audio file that is mishandled in the code for the "block_type != 2" case, a similar issue to CVE-2017-9870. Fixed In Version: mpg123 1.25.2 oval:org.secpod.oval:def:1800276 mpg123 is installed oval:org.secpod.oval:def:1800898 The III_i_stereo function in libmpg123/layer3.c in mpg123 through 1.25.1 allows attackers to cause a denial of service via a crafted audio file that is mishandled in the code for the "block_type != 2" case, a similar issue to CVE-2017-9870. Fixed In Version: mpg123 1.25.2 oval:org.secpod.oval:def:113648 Real time MPEG 1.0/2.0/2.5 audio player/decoder for layers 1, 2 and 3 , as well as re-usable decoding and output libraries. oval:org.secpod.oval:def:113245 Real time MPEG 1.0/2.0/2.5 audio player/decoder for layers 1, 2 and 3 , as well as re-usable decoding and output libraries. oval:org.secpod.oval:def:113252 Real time MPEG 1.0/2.0/2.5 audio player/decoder for layers 1, 2 and 3 , as well as re-usable decoding and output libraries. oval:org.secpod.oval:def:2001261 In mpg123 1.25.0, there is a heap-based buffer over-read in the convert_latin1 function in libmpg123/id3.c. A crafted input will lead to a remote denial of service attack. oval:org.secpod.oval:def:1900215 Integer overflow in the INT123_parse_new_id3 function in the ID3 parser in mpg123 before 1.25.5 on 32-bit platforms allows remote attackers to cause a denial of service via a crafted file, which triggers a heap-based buffer overflow. oval:org.secpod.oval:def:2001087 Integer overflow in the INT123_parse_new_id3 function in the ID3 parser in mpg123 before 1.25.5 on 32-bit platforms allows remote attackers to cause a denial of service via a crafted file, which triggers a heap-based buffer overflow. oval:org.secpod.oval:def:1901032 The next_text function in src/libmpg123/id3.c in mpg123 1.24.0 allows remote attackers to cause a denial of service via a crafted mp3 file. oval:org.secpod.oval:def:2001044 The next_text function in src/libmpg123/id3.c in mpg123 1.24.0 allows remote attackers to cause a denial of service via a crafted mp3 file. oval:org.secpod.oval:def:1901155 The III_i_stereo function in libmpg123/layer3.c in mpg123 through 1.25.1 allows remote attackers to cause a denial of service via a crafted audio file that is mishandled in the code for the "block_type != 2" case, a similar issue to CVE-2017-9870. oval:org.secpod.oval:def:2000735 The III_i_stereo function in libmpg123/layer3.c in mpg123 through 1.25.1 allows remote attackers to cause a denial of service via a crafted audio file that is mishandled in the code for the "block_type != 2" case, a similar issue to CVE-2017-9870. oval:org.secpod.oval:def:1800327 The III_i_stereo function in libmpg123/layer3.c in mpg123 through 1.25.1 allows attackers to cause a denial of service via a crafted audio file that is mishandled in the code for the "block_type != 2" case, a similar issue to CVE-2017-9870. Fixed In Version mpg123 1.25.2 |