Vulnerability Details : CVE-2007-0578
The http_open function in httpget.c in mpg123 before 0.64 allows remote attackers to cause a denial of service (infinite loop) by closing the HTTP connection early.
Vulnerability category: Denial of service
Products affected by CVE-2007-0578
- cpe:2.3:a:mpg123:mpg123:0.59r:*:*:*:*:*:*:*
- cpe:2.3:a:mpg123:mpg123:pre0.59s:*:*:*:*:*:*:*
- cpe:2.3:a:mpg123:mpg123:0.59s:*:*:*:*:*:*:*
- cpe:2.3:a:mpg123:mpg123:0.59m:*:*:*:*:*:*:*
- cpe:2.3:a:mpg123:mpg123:0.59o:*:*:*:*:*:*:*
- cpe:2.3:a:mpg123:mpg123:0.59q:*:*:*:*:*:*:*
- cpe:2.3:a:mpg123:mpg123:0.59n:*:*:*:*:*:*:*
- cpe:2.3:a:mpg123:mpg123:0.59p:*:*:*:*:*:*:*
- cpe:2.3:a:mpg123:mpg123:pre0.59s_r11:*:*:*:*:*:*:*
- cpe:2.3:a:mpg123:mpg123:0.62:*:*:*:*:*:*:*
- cpe:2.3:a:mpg123:mpg123:0.63:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2007-0578
1.64%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 87 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2007-0578
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:N/A:P |
8.6
|
2.9
|
NIST |
References for CVE-2007-0578
-
http://www.mandriva.com/security/advisories?name=MDKSA-2007:032
Mandriva
-
http://www.vupen.com/english/advisories/2007/0366
Site en construction
-
http://sourceforge.net/project/shownotes.php?group_id=135704&release_id=478747
mpg123 download | SourceForge.netPatch;Vendor Advisory
-
http://www.mpg123.de/cgi-bin/news.cgi
mpg123: news archivePatch;Vendor Advisory
-
http://www.securityfocus.com/bid/22274
Patch;Vendor Advisory
Jump to