<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <glsa id="200904-15"> <title>mpg123: User-assisted execution of arbitrary code</title> <synopsis> An error in mpg123 might allow for the execution of arbitrary code. </synopsis> <product type="ebuild">mpg123</product> <announced>2009-04-16</announced> <revised count="01">2009-04-16</revised> <bug>265342</bug> <access>remote</access> <affected> <package name="media-sound/mpg123" auto="yes" arch="*"> <unaffected range="ge">1.7.2</unaffected> <vulnerable range="lt">1.7.2</vulnerable> </package> </affected> <background> <p> mpg123 is a realtime MPEG 1.0/2.0/2.5 audio player for layers 1, 2 and 3. </p> </background> <description> <p> The vendor reported a signedness error in the store_id3_text() function in id3.c, allowing for out-of-bounds memory access. </p> </description> <impact type="normal"> <p> A remote attacker could entice a user to open an MPEG-1 Audio Layer 3 (MP3) file containing a specially crafted ID3 tag, possibly resulting in the execution of arbitrary code with the privileges of the user running the application. </p> </impact> <workaround> <p> There is no known workaround at this time. </p> </workaround> <resolution> <p> All mpg123 users should upgrade to the latest version: </p> <code> # emerge --sync # emerge --ask --oneshot --verbose ">=media-sound/mpg123-1.7.2"</code> </resolution> <references> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1301">CVE-2009-1301</uri> </references> <metadata tag="requester" timestamp="2009-04-11T20:51:15Z"> keytoaster </metadata> <metadata tag="submitter" timestamp="2009-04-11T21:15:29Z"> a3li </metadata> <metadata tag="bugReady" timestamp="2009-04-16T21:52:59Z"> a3li </metadata> </glsa>