MDKSA-2003:078

Package name

mpg123

Date

2003-07-23

Advisory ID

MDKSA-2003:078

Affected versions

9.1 i586 , CS2.1 i586 , 9.1 i586 , 9.0 i586 , CS2.1 x86_64

Problem description

A vulnerability in the mpg123 mp3 player could allow local and/or remote attackers to cause a DoS and possibly execute arbitrary code via an mp3 file with a zero bitrate, which causes a negative frame size.

Updated packages

9.1 i586

 23f03f1a5a8d973d4454693ce90a69e3  ppc/9.1/RPMS/mpg123-0.59r-17.1mdk.ppc.rpm
ed571f616381f5db2ec5b3e0f898a951  ppc/9.1/SRPMS/mpg123-0.59r-17.1mdk.src.rpm

CS2.1 i586

 22c4645928964dcacdbbb8f4a7ec7757  corporate/2.1/RPMS/mpg123-0.59r-17.1mdk.i586.rpm
ed571f616381f5db2ec5b3e0f898a951  corporate/2.1/SRPMS/mpg123-0.59r-17.1mdk.src.rpm

9.1 i586

 3f2ef5a7a04c7964fde90add7f330039  9.1/RPMS/mpg123-0.59r-17.1mdk.i586.rpm
ed571f616381f5db2ec5b3e0f898a951  9.1/SRPMS/mpg123-0.59r-17.1mdk.src.rpm

9.0 i586

 22c4645928964dcacdbbb8f4a7ec7757  9.0/RPMS/mpg123-0.59r-17.1mdk.i586.rpm
ed571f616381f5db2ec5b3e0f898a951  9.0/SRPMS/mpg123-0.59r-17.1mdk.src.rpm

CS2.1 x86_64

 c73649f8b7e997ac0299b01933ca7f84  x86_64/corporate/2.1/RPMS/mpg123-0.59r-17.1mdk.x86_64.rpm
ed571f616381f5db2ec5b3e0f898a951  x86_64/corporate/2.1/SRPMS/mpg123-0.59r-17.1mdk.src.rpm

References

• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0577
• http://online.securityfocus.com/bid/6629