CyberSec.Space Logo
Back to CVE Browser

CVE-2002-0272

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1730%
EPSS Percentile44.19th
PublishedMay 31, 2002
Last ModifiedApr 16, 2026

Vulnerability Description

Buffer overflows in mpg321 before 0.2.9 allows local and possibly remote attackers to execute arbitrary code via a long URL to (1) a command line option, (2) an HTTP request, or (3) an FTP request.

Affected Platforms (CPE)

πŸ“¦
Mpg321

Mpg321

= 0.2.2
πŸ“¦
Mpg321

Mpg321

= 0.2.3
πŸ“¦
Mpg321

Mpg321

= 0.2.9

References & Advisories

πŸ”— http://marc.info/?l=bugtraq&m=101366518310823&w=2
πŸ”— http://marc.info/?l=vuln-dev&m=101355590918475&w=2
πŸ”— http://sourceforge.net/project/shownotes.php?release_id=79237
πŸ”— http://www.securityfocus.com/bid/4091
πŸ”— http://marc.info/?l=bugtraq&m=101366518310823&w=2
πŸ”— http://marc.info/?l=vuln-dev&m=101355590918475&w=2
πŸ”— http://sourceforge.net/project/shownotes.php?release_id=79237
πŸ”— http://www.securityfocus.com/bid/4091

Related Vulnerabilities

CVE-2003-09697.5

mpg321 0.2.10 allows remote attackers to overwrite memory and possibly execute arbitrary code via an mp3 file that passes certain ...

CVE-2017-115526.5

mpg321.c in mpg321 0.3.2-1 does not properly manage memory for use with libmad 0.15.1b, which allows remote attackers to cause a d...

CVE-2019-142475.5

The scan() function in mad.c in mpg321 0.3.2 allows remote attackers to trigger an out-of-bounds write via a zero bitrate in an MP...

CVE-2002-074710.0

Buffer overflow in lsmcode in AIX 4.3.3.