Buffer overflows in mpg321 before 0.2.9 allows local and possibly remote attackers to execute arbitrary code via a long URL to (1) a command line option, (2) an HTTP request, or (3) an FTP request.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mpg321 | mpg321 | 0.2.9 |
| mpg321 | mpg321 | 0.2.3 |
| mpg321 | mpg321 | 0.2.2 |
mpg321 0.2.10 allows remote attackers to overwrite memory and possibly execute arbitrary code via an mp3 file that passes certain strings to the printf function, possibly triggering a format string vulnerability.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mpg321 | mpg321 | 0.2.10 |