CVE-2009-1301 - OpenCVE

Integer signedness error in the store_id3_text function in the ID3v2 code in mpg123 before 1.7.2 allows remote attackers to cause a denial of service (out-of-bounds memory access) and possibly execute arbitrary code via an ID3 tag with a negative encoding value. NOTE: some of these details are obtained from third party information.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Mpg123	Mpg123

Configuration 1 [-]

OR	cpe:2.3:a:mpg123:mpg123::::::::
	cpe:2.3:a:mpg123:mpg123:0.59m:::::::*
	cpe:2.3:a:mpg123:mpg123:0.59n:::::::*
	cpe:2.3:a:mpg123:mpg123:0.59o:::::::*
	cpe:2.3:a:mpg123:mpg123:0.59p:::::::*
	cpe:2.3:a:mpg123:mpg123:0.59q:::::::*
	cpe:2.3:a:mpg123:mpg123:0.59r:::::::*
	cpe:2.3:a:mpg123:mpg123:0.59s:::::::*
	cpe:2.3:a:mpg123:mpg123:0.62:::::::*
	cpe:2.3:a:mpg123:mpg123:1.6.3:::::::*
	cpe:2.3:a:mpg123:mpg123:1.6.4:::::::*
	cpe:2.3:a:mpg123:mpg123:1.7.0:::::::*
	cpe:2.3:a:mpg123:mpg123:pre0.59s:::::::*
	cpe:2.3:a:mpg123:mpg123:pre0.59s_r11:::::::*

References

Link	Resource
http://bugs.gentoo.org/show_bug.cgi?id=265342
http://secunia.com/advisories/34587	Vendor Advisory
http://secunia.com/advisories/34748
http://sourceforge.net/mailarchive/message.php?msg_name=20090405211856.41696433%40sunscreen.local
http://sourceforge.net/project/shownotes.php?release_id=673696
http://www.gentoo.org/security/en/glsa/glsa-200904-15.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2009:093
http://www.securityfocus.com/bid/34381
http://www.vupen.com/english/advisories/2009/0936	Patch Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2009-04-16T15:00:00

Updated: 2009-04-28T09:00:00

Reserved: 2009-04-16T00:00:00

Link: CVE-2009-1301

JSON object: View

NVD Information

Status : Modified

Published: 2009-04-16T15:12:57.483

Modified: 2009-04-29T05:29:32.017

Link: CVE-2009-1301

JSON object: View

Redhat Information

No data.

CWE

CWE-189

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2009-04-06T00:00:00", "descriptions": [{"lang": "en", "value": "Integer signedness error in the store_id3_text function in the ID3v2 code in mpg123 before 1.7.2 allows remote attackers to cause a denial of service (out-of-bounds memory access) and possibly execute arbitrary code via an ID3 tag with a negative encoding value. NOTE: some of these details are obtained from third party information."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2009-04-28T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://bugs.gentoo.org/show_bug.cgi?id=265342"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://sourceforge.net/project/shownotes.php?release_id=673696"}, {"name": "MDVSA-2009:093", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:093"}, {"name": "34748", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/34748"}, {"name": "34587", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/34587"}, {"name": "34381", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/34381"}, {"name": "ADV-2009-0936", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2009/0936"}, {"name": "GLSA-200904-15", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200904-15.xml"}, {"name": "[mpg123-devel] 20090405 mpg123 1.7.2 is out -- important security fix!", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://sourceforge.net/mailarchive/message.php?msg_name=20090405211856.41696433%40sunscreen.local"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-1301", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Integer signedness error in the store_id3_text function in the ID3v2 code in mpg123 before 1.7.2 allows remote attackers to cause a denial of service (out-of-bounds memory access) and possibly execute arbitrary code via an ID3 tag with a negative encoding value. NOTE: some of these details are obtained from third party information."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://bugs.gentoo.org/show_bug.cgi?id=265342", "refsource": "CONFIRM", "url": "http://bugs.gentoo.org/show_bug.cgi?id=265342"}, {"name": "http://sourceforge.net/project/shownotes.php?release_id=673696", "refsource": "CONFIRM", "url": "http://sourceforge.net/project/shownotes.php?release_id=673696"}, {"name": "MDVSA-2009:093", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:093"}, {"name": "34748", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/34748"}, {"name": "34587", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/34587"}, {"name": "34381", "refsource": "BID", "url": "http://www.securityfocus.com/bid/34381"}, {"name": "ADV-2009-0936", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/0936"}, {"name": "GLSA-200904-15", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200904-15.xml"}, {"name": "[mpg123-devel] 20090405 mpg123 1.7.2 is out -- important security fix!", "refsource": "MLIST", "url": "http://sourceforge.net/mailarchive/message.php?msg_name=20090405211856.41696433%40sunscreen.local"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2009-1301", "datePublished": "2009-04-16T15:00:00", "dateReserved": "2009-04-16T00:00:00", "dateUpdated": "2009-04-28T09:00:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mpg123:mpg123:*:*:*:*:*:*:*:*", "matchCriteriaId": "EE444055-2ECC-4E90-BAEB-1D7F8A1C7045", "versionEndIncluding": "1.7.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:mpg123:mpg123:0.59m:*:*:*:*:*:*:*", "matchCriteriaId": "A46F3026-9958-460C-AB14-593C216E12D9", "vulnerable": true}, {"criteria": "cpe:2.3:a:mpg123:mpg123:0.59n:*:*:*:*:*:*:*", "matchCriteriaId": "4D782ECC-6223-4055-A812-36625B50517D", "vulnerable": true}, {"criteria": "cpe:2.3:a:mpg123:mpg123:0.59o:*:*:*:*:*:*:*", "matchCriteriaId": "74027FB8-195D-432C-A4AB-83829C81FFBB", "vulnerable": true}, {"criteria": "cpe:2.3:a:mpg123:mpg123:0.59p:*:*:*:*:*:*:*", "matchCriteriaId": "2330232E-59BF-4885-84DC-879BAB98BA81", "vulnerable": true}, {"criteria": "cpe:2.3:a:mpg123:mpg123:0.59q:*:*:*:*:*:*:*", "matchCriteriaId": "124B56BC-EF2F-42D8-81B5-AD4E854CA9BC", "vulnerable": true}, {"criteria": "cpe:2.3:a:mpg123:mpg123:0.59r:*:*:*:*:*:*:*", "matchCriteriaId": "1F8EEF7E-C6BB-4669-81D2-68AABF8A7686", "vulnerable": true}, {"criteria": "cpe:2.3:a:mpg123:mpg123:0.59s:*:*:*:*:*:*:*", "matchCriteriaId": "1144518D-4069-4903-9B45-56C0E97BC992", "vulnerable": true}, {"criteria": "cpe:2.3:a:mpg123:mpg123:0.62:*:*:*:*:*:*:*", "matchCriteriaId": "F101A71C-6467-4008-9CCB-E2B9F69513FE", "vulnerable": true}, {"criteria": "cpe:2.3:a:mpg123:mpg123:1.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "D5C11F12-01A2-48A7-9A4D-4D07E6C2D8D7", "vulnerable": true}, {"criteria": "cpe:2.3:a:mpg123:mpg123:1.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "93106E19-1059-4040-A5FA-569A1B7EF8C9", "vulnerable": true}, {"criteria": "cpe:2.3:a:mpg123:mpg123:1.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "F7123CC8-1F0C-4069-A2DA-0A25418E551E", "vulnerable": true}, {"criteria": "cpe:2.3:a:mpg123:mpg123:pre0.59s:*:*:*:*:*:*:*", "matchCriteriaId": "9AE94FDE-EC0C-48A1-A1E9-B4112CA4B0D0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mpg123:mpg123:pre0.59s_r11:*:*:*:*:*:*:*", "matchCriteriaId": "9765C6AD-E1F0-421C-B7B1-C09AD83A3DB7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Integer signedness error in the store_id3_text function in the ID3v2 code in mpg123 before 1.7.2 allows remote attackers to cause a denial of service (out-of-bounds memory access) and possibly execute arbitrary code via an ID3 tag with a negative encoding value. NOTE: some of these details are obtained from third party information."}, {"lang": "es", "value": "Error de presencia de signo entero en la funci\u00f3n store_id3_text en el c\u00f3digo ID3v2 en mpg123 antes de 1.7.2 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (acceso a memoria fuera de rango) y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n mediante una etiqueta ID3 con un valor de codificaci\u00f3n negativo. NOTA: algunos de estos detalles se han obtenido de informaci\u00f3n de terceros."}], "id": "CVE-2009-1301", "lastModified": "2009-04-29T05:29:32.017", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2009-04-16T15:12:57.483", "references": [{"source": "cve@mitre.org", "url": "http://bugs.gentoo.org/show_bug.cgi?id=265342"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/34587"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/34748"}, {"source": "cve@mitre.org", "url": "http://sourceforge.net/mailarchive/message.php?msg_name=20090405211856.41696433%40sunscreen.local"}, {"source": "cve@mitre.org", "url": "http://sourceforge.net/project/shownotes.php?release_id=673696"}, {"source": "cve@mitre.org", "url": "http://www.gentoo.org/security/en/glsa/glsa-200904-15.xml"}, {"source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:093"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/34381"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2009/0936"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-189"}], "source": "nvd@nist.gov", "type": "Primary"}]}