CVE-2004-0991
EPSS 5.0%
Description
Buffer overflow in mpg123 before 0.59s-r9 allows remote attackers to execute arbitrary code via frame headers in MP2 or MP3 files.
How to fix CVE-2004-0991
To remediate CVE-2004-0991, upgrade the affected package to a fixed version below.
- Debian/mp3gain—upgrade to 1.5.2-r2-6 or later
- Debian/mpg123—upgrade to 0.59r-19 or later
Is CVE-2004-0991 being exploited?
Moderate — EPSS is 5.0%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (2)
- from 0, < 1.5.2-r2-6
- from 0, < 0.59r-19