Lucene search

[email protected]NVD:CVE-2004-0982

HistoryFeb 09, 2005 - 5:00 a.m.

CVE-2004-0982

2005-02-0905:00:00

[email protected]

web.nvd.nist.gov

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.4 High

AI Score

Confidence

Low

0.037 Low

EPSS

Percentile

91.9%

JSON

Buffer overflow in the getauthfromURL function in httpget.c in mpg123 pre0.59s and mpg123 0.59r could allow remote attackers or local users to execute arbitrary code via an mp3 file that contains a long string before the @ (at sign) in a URL.

Affected configurations

NVD

Node

mpg123mpg123Match0.59r

mpg123mpg123Matchpre0.59s

References

marc.info/?l=bugtraq&m=109834486312407&w=2

secunia.com/advisories/12908

securitytracker.com/id?1011832

www.barrossecurity.com/advisories/mpg123_getauthfromurl_bof_advisory.txt

www.debian.org/security/2004/dsa-578

www.gentoo.org/security/en/glsa/glsa-200410-27.xml

www.osvdb.org/11023

www.securityfocus.com/bid/11468

exchange.xforce.ibmcloud.com/vulnerabilities/17574

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.4 High

AI Score

Confidence

Low

0.037 Low

EPSS

Percentile

91.9%

JSON

Related for NVD:CVE-2004-0982

freebsd1 gentoo1 openvas6 cvelist2 debiancve2 nessus4 ubuntucve2 debian2 cve2 osv1 nvd1