CVE-2007-0578
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
30/01/2007
Last modified:
09/04/2025
Description
The http_open function in httpget.c in mpg123 before 0.64 allows remote attackers to cause a denial of service (infinite loop) by closing the HTTP connection early.
Impact
Base Score 2.0
4.30
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:mpg123:mpg123:0.59m:*:*:*:*:*:*:* | ||
| cpe:2.3:a:mpg123:mpg123:0.59n:*:*:*:*:*:*:* | ||
| cpe:2.3:a:mpg123:mpg123:0.59o:*:*:*:*:*:*:* | ||
| cpe:2.3:a:mpg123:mpg123:0.59p:*:*:*:*:*:*:* | ||
| cpe:2.3:a:mpg123:mpg123:0.59q:*:*:*:*:*:*:* | ||
| cpe:2.3:a:mpg123:mpg123:0.59r:*:*:*:*:*:*:* | ||
| cpe:2.3:a:mpg123:mpg123:0.59s:*:*:*:*:*:*:* | ||
| cpe:2.3:a:mpg123:mpg123:0.62:*:*:*:*:*:*:* | ||
| cpe:2.3:a:mpg123:mpg123:0.63:*:*:*:*:*:*:* | ||
| cpe:2.3:a:mpg123:mpg123:pre0.59s:*:*:*:*:*:*:* | ||
| cpe:2.3:a:mpg123:mpg123:pre0.59s_r11:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://osvdb.org/40128
- http://sourceforge.net/project/shownotes.php?group_id=135704&release_id=478747
- http://www.mandriva.com/security/advisories?name=MDKSA-2007%3A032
- http://www.mpg123.de/cgi-bin/news.cgi
- http://www.securityfocus.com/bid/22274
- http://www.vupen.com/english/advisories/2007/0366
- http://osvdb.org/40128
- http://sourceforge.net/project/shownotes.php?group_id=135704&release_id=478747
- http://www.mandriva.com/security/advisories?name=MDKSA-2007%3A032
- http://www.mpg123.de/cgi-bin/news.cgi
- http://www.securityfocus.com/bid/22274
- http://www.vupen.com/english/advisories/2007/0366