mpg123 -- playlist processing buffer overflow vulnerability

2004-12-15T00:00:00
ID 877E918E-5362-11D9-96D4-00065BE4B5B6
Type freebsd
Reporter FreeBSD
Modified 2005-01-13T00:00:00

Description

A buffer overflow vulnerability exists in the playlist processing of mpg123. A specially crafted playlist entry can cause a stack overflow that can be used to inject arbitrary code into the mpg123 process. Note that a malicious playlist, demonstrating this vulnerability, was released by the bug finder and may be used as a template by attackers.