Visualizza versione completa : mpg123 Mpeg Layer-2 Buffer Overflow Vulnerability

11-01-2005, 14.47.58
Yuri D'Elia has reported a vulnerability in mpg123, which potentially can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an error in the parsing of frame headers for layer-2 streams. This may be exploited to cause a heap-based buffer overflow via a specially crafted MP2 or MP3 file.

Leggi: http://secunia.com/advisories/13779/