header-logo
Suggest Exploit
vendor:
mpg123
by:
Unknown
7.5
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: mpg123
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: NO
Related CWE: None provided
CPE: a:mpg123:mpg123
Metasploit:
Other Scripts:
Platforms Tested:
Unknown

Remote Client-Side Buffer Overflow in mpg123

The vulnerability is caused by a lack of proper validation of user-supplied strings before copying them into static process buffers. An attacker can exploit this vulnerability to execute arbitrary code with the privileges of the user who activated the vulnerable application, potentially leading to unauthorized access or privilege escalation.

Mitigation:

Apply the latest patch or update from the vendor.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/11958/info

A remote client-side buffer overflow vulnerability affects mpg123. This issue is due to a failure of the application to properly validate the length of user-supplied strings prior to copying them into static process buffers.

An attacker may exploit this issue to execute arbitrary code with the privileges of the user that activated the vulnerable application. This may facilitate unauthorized access or privilege escalation.

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/24852.list