CVE-2003-0577
EPSS 5.2%
Description
mpg123 0.59r allows remote attackers to cause a denial of service and possibly execute arbitrary code via an MP3 file with a zero bitrate, which creates a negative frame size.
How to fix CVE-2003-0577
To remediate CVE-2003-0577, upgrade the affected package to a fixed version below.
- Debian/mp3gain—upgrade to 1.5.2-r2-6 or later
- Debian/mpg123—upgrade to 0.59r-1 or later
Is CVE-2003-0577 being exploited?
Moderate — EPSS is 5.2%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (2)
- from 0, < 1.5.2-r2-6
- from 0, < 0.59r-1