mpg123 'convert_latin1' heap buffer overflow vulnerability

mpg123 is a MPEG audio player and decoding library for Linux and Unix operating systems developed by software developer Michael Hipp. A heap buffer overflow vulnerability exists in the 'convertlatin1' function in the libmpg123/id3.c file in mpg123 version 1.25.0. A remote attacker can exploit thi...

CVE-2017-10683

In mpg123 1.25.0, there is a heap-based buffer over-read in the convertlatin1 function in libmpg123/id3.c. A crafted input will lead to a remote denial of service attack...

CVE-2017-10683

In mpg123 1.25.0, there is a heap-based buffer over-read in the convertlatin1 function in libmpg123/id3.c. A crafted input will lead to a remote denial of service attack...

CVE-2017-10683

In mpg123 1.25.0, there is a heap-based buffer over-read in the convertlatin1 function in libmpg123/id3.c. A crafted input will lead to a remote denial of service attack...

CVE-2017-10683

In mpg123 1.25.0, there is a heap-based buffer over-read in the convertlatin1 function in libmpg123/id3.c. A crafted input will lead to a remote denial of service attack...

CVE-2017-10683

CVE-2017-10683 affects mpg123 prior to upstream releases 1.25.6/1.25.7, via a heap-based over-read in convert_latin1() in libmpg123/id3.c that enables remote denial of service. Advisories reference upstream fixes and vendor releases (e.g., Fedora/openSUSE patches to 1.25.6/1.25.7). The initial de...