CVE-2009-1301
published 2009-04-16CVE-2009-1301: Integer signedness error in the store_id3_text function in the ID3v2 code in mpg123 before 1.7.2 allows remote attackers to cause a denial of service…
PriorityP433critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
5.44%
91.7th percentile
Integer signedness error in the store_id3_text function in the ID3v2 code in mpg123 before 1.7.2 allows remote attackers to cause a denial of service (out-of-bounds memory access) and possibly execute arbitrary code via an ID3 tag with a negative encoding value. NOTE: some of these details are obtained from third party information.
Affected
19 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | mpg123 | < mpg123 1.7.2-1 (bookworm) | mpg123 1.7.2-1 (bookworm) |
| mpg123 | mpg123 | <= 1.7.1 | — |
| mpg123 | mpg123 | — | — |
| mpg123 | mpg123 | — | — |
| mpg123 | mpg123 | — | — |
| mpg123 | mpg123 | — | — |
| mpg123 | mpg123 | — | — |
| mpg123 | mpg123 | — | — |
| mpg123 | mpg123 | — | — |
| mpg123 | mpg123 | — | — |
| mpg123 | mpg123 | — | — |
| mpg123 | mpg123 | — | — |
| mpg123 | mpg123 | — | — |
| mpg123 | mpg123 | — | — |
| mpg123 | mpg123 | — | — |
| mpg123 | mpg123 | >= 0 < 1.7.2-1 | 1.7.2-1 |
| mpg123 | mpg123 | >= 0 < 1.7.2-1 | 1.7.2-1 |
| mpg123 | mpg123 | >= 0 < 1.7.2-1 | 1.7.2-1 |
| mpg123 | mpg123 | >= 0 < 1.7.2-1 | 1.7.2-1 |
CVSS provenance
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
osv10.0CRITICAL
vendor_debian10.0LOW
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Debian
CVE-2009-1301: mpg123 - Integer signedness error in the store_id3_text function in the ID3v2 code in mpg...
vendor_debian·2009·CVSS 10.0
CVE-2009-1301 [CRITICAL] CVE-2009-1301: mpg123 - Integer signedness error in the store_id3_text function in the ID3v2 code in mpg...
Integer signedness error in the store_id3_text function in the ID3v2 code in mpg123 before 1.7.2 allows remote attackers to cause a denial of service (out-of-bounds memory access) and possibly execute arbitrary code via an ID3 tag with a negative encoding value. NOTE: some of these details are obtained from third party information.
Scope: local
bookworm: resolved (fixed in 1.7.2-1)
bullseye: resolved (fixed in 1.7.2-1)
forky: resolved (fixed in 1.7.2-1)
sid: resolved (fixed in 1.7.2-1)
trixie: resolved (fixed in 1.7.2-1)
GHSA
GHSA-m2p5-8fw8-jgcg: Integer signedness error in the store_id3_text function in the ID3v2 code in mpg123 before 1
ghsa_unreviewed·2022-05-02
CVE-2009-1301 [HIGH] GHSA-m2p5-8fw8-jgcg: Integer signedness error in the store_id3_text function in the ID3v2 code in mpg123 before 1
Integer signedness error in the store_id3_text function in the ID3v2 code in mpg123 before 1.7.2 allows remote attackers to cause a denial of service (out-of-bounds memory access) and possibly execute arbitrary code via an ID3 tag with a negative encoding value. NOTE: some of these details are obtained from third party information.
OSV
CVE-2009-1301: Integer signedness error in the store_id3_text function in the ID3v2 code in mpg123 before 1
osv·2009-04-16·CVSS 10.0
CVE-2009-1301 [CRITICAL] CVE-2009-1301: Integer signedness error in the store_id3_text function in the ID3v2 code in mpg123 before 1
Integer signedness error in the store_id3_text function in the ID3v2 code in mpg123 before 1.7.2 allows remote attackers to cause a denial of service (out-of-bounds memory access) and possibly execute arbitrary code via an ID3 tag with a negative encoding value. NOTE: some of these details are obtained from third party information.
No detection rules found.
Exploit-DB
Foxit Reader 3.0 - Open Execute Action Stack Buffer Overflow (Metasploit)
exploitdb·2012-05-21
CVE-2009-0837 Foxit Reader 3.0 - Open Execute Action Stack Buffer Overflow (Metasploit)
Foxit Reader 3.0 - Open Execute Action Stack Buffer Overflow (Metasploit)
---
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
require 'msf/core'
require 'zlib'
class Metasploit3 'Foxit Reader 3.0 Open Execute Action Stack Based Buffer Overflow',
'Description' => %q{
This module exploits a buffer overflow in Foxit Reader 3.0 builds 1301 and earlier.
Due to the way Foxit Reader handles the input from an "Launch" action, it is possible
to cause a stack-based buffer overflow, allowing an attacker to gain arbitrary code
execution under the context of the user.
},
'License' => MSF_LICENS
Exploit-DB
Foxit Reader 3.0 (Build 1301) - PDF Universal Buffer Overflow
exploitdb·2009-03-13
CVE-2009-0837 Foxit Reader 3.0 (Build 1301) - PDF Universal Buffer Overflow
Foxit Reader 3.0 (Build 1301) - PDF Universal Buffer Overflow
---
#!/usr/bin/perl
#
# Foxit Reader 3.0 ( s.pdf");
binmode $pdf;
print $pdf $pdf_data1.
$overflow1.$sehjmp.$sehret.$overflow2.
$pdf_data2;
close $pdf;
# milw0rm.com [2009-03-13]
No writeups or analysis indexed.
http://bugs.gentoo.org/show_bug.cgi?id=265342http://secunia.com/advisories/34587http://secunia.com/advisories/34748http://sourceforge.net/mailarchive/message.php?msg_name=20090405211856.41696433%40sunscreen.localhttp://sourceforge.net/project/shownotes.php?release_id=673696http://www.gentoo.org/security/en/glsa/glsa-200904-15.xmlhttp://www.mandriva.com/security/advisories?name=MDVSA-2009:093http://www.securityfocus.com/bid/34381http://www.vupen.com/english/advisories/2009/0936http://bugs.gentoo.org/show_bug.cgi?id=265342http://secunia.com/advisories/34587http://secunia.com/advisories/34748http://sourceforge.net/mailarchive/message.php?msg_name=20090405211856.41696433%40sunscreen.localhttp://sourceforge.net/project/shownotes.php?release_id=673696http://www.gentoo.org/security/en/glsa/glsa-200904-15.xmlhttp://www.mandriva.com/security/advisories?name=MDVSA-2009:093http://www.securityfocus.com/bid/34381http://www.vupen.com/english/advisories/2009/0936
2009-04-16
Published