5.1 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
7.7 High
AI Score
Confidence
High
0.011 Low
EPSS
Percentile
84.5%
Buffer overflow in MP3Info 0.8.4 allows attackers to execute arbitrary code via a long command line argument. NOTE: if mp3info is not installed setuid or setgid in any reasonable context, then this issue might not be a vulnerability.
CPE | Name | Operator | Version |
---|---|---|---|
mp3info:mp3info | mp3info | eq | 0.8.4 |
osvdb.org/show/osvdb/30945
packetstormsecurity.com/files/124955/Mp3info-Stack-Buffer-Overflow.html
packetstormsecurity.com/files/125786/MP3Info-0.8.5-SEH-Buffer-Overflow.html
securitytracker.com/id?1016108
www.exploit-db.com/exploits/32358
www.securiteam.com/exploits/5GP0E15IKO.html
www.securityfocus.com/bid/18016