6 matches found
Mageia: Security Advisory (MGASA-2017-0249)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for mpg123 FEDORA-2017-172410ec92
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for mpg123 FEDORA-2017-c89d94d812
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated mpg123 packages fix security vulnerabilities
The nexttext function in src/libmpg123/id3.c in mpg123 1.24.0 allows remote attackers to cause a denial of service buffer over-read via a crafted mp3 file CVE-2017-9545. Invalid read of size 1 in ID3v2 parser due to forgotten offset from the frame flag bytes CVE-2017-10683. Extend pow tables for...
ALPINE-CVE-2017-9545
The nexttext function in src/libmpg123/id3.c in mpg123 1.24.0 allows remote attackers to cause a denial of service buffer over-read via a crafted mp3 file...
CVE-2017-9545
CVE-2017-9545 affects mpg123 1.24.0, where the next_text path in src/libmpg123/id3.c accepts crafted MP3s to trigger a denial of service via a buffer over-read. The Mageia MGASA-2017-0249 advisory explicitly lists CVE-2017-9545 with this cause, and Ubuntu USN-4806-1 (and Fedora updates) reference...