Searching mp3 software vulnerabilities

The gnapster and knapster clients for Napster d

specifying | attackers | arbitrary | properly | restrict | knapster | gnapster | pathname | clients | Napster | remote | allows | access | client | files | which | only | full | read | file | not | MP3 |

The gnapster and knapster clients for Napster do not properly restrict access only to MP3 files, which allows remote attackers to read arbitrary files from the client by specifying the full pathname for the file.


Buffer overflows in icecast 1.3.11 and earlier

overflows | icecast | Buffer |

Buffer overflows in icecast 1.3.11 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request from an MP3 client.


RealPlayer 8 allows remote attackers to cause a

RealPlayer | attackers | service | denial | remote | allows | cause |

RealPlayer 8 allows remote attackers to cause a denial of service (CPU utilization) via malformed .mp3 files.


Buffer overflow in Winamp 2.81 allows remote at

overflow | Winamp | Buffer |

Buffer overflow in Winamp 2.81 allows remote attackers to execute arbitrary code via a long Artist ID3v2 tag in an MP3 file.


mpg123 0.59r allows remote attackers to cause a

attackers | arbitrary | possibly | negative | execute | creates | bitrate | service | mpg123 | allows | remote | denial | which | cause | frame | size | 059r | code | zero | file | MP3 | via |

mpg123 0.59r allows remote attackers to cause a denial of service and possibly execute arbitrary code via an MP3 file with a zero bitrate, which creates a negative frame size.


Integer overflow in MP3Broadcaster for Apple Qu

QuickTime/Darwin | MP3Broadcaster | Streaming | overflow | Integer | Server | Apple |

Integer overflow in MP3Broadcaster for Apple QuickTime/Darwin Streaming Server 4.1.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via malformed ID3 tags in MP3 files.


Buffer overflow in layer2.c in mpg123 0.59r and

arbitrary | attackers | possibly | overflow | certain | layer2c | execute | remote | mpg123 | Buffer | allows | code | 059r | 059s | via |

Buffer overflow in layer2.c in mpg123 0.59r and possibly mpg123 0.59s allows remote attackers to execute arbitrary code via a certain (1) mp3 or (2) mp2 file.


Buffer overflow in the getauthfromURL function

getauthfromURL | attackers | arbitrary | contains | overflow | function | httpgetc | execute | pre059s | Buffer | remote | mpg123 | before | string | could | allow | users | local | long | file | code | 059r | via | mp3 |

Buffer overflow in the getauthfromURL function in httpget.c in mpg123 pre0.59s and mpg123 0.59r could allow remote attackers or local users to execute arbitrary code via an mp3 file that contains a long string before the @ (at sign) in a URL.


Buffer overflow in mpg123 before 0.59s-r9 allow

arbitrary | attackers | overflow | headers | execute | 059s-r9 | mpg123 | Buffer | before | allows | remote | frame | files | code | MP3 | via | MP2 |

Buffer overflow in mpg123 before 0.59s-r9 allows remote attackers to execute arbitrary code via frame headers in MP2 or MP3 files.


Buffer overflow in the find_next_file function

find_next_file | playlistc | attackers | arbitrary | overflow | playlist | function | execute | crafted | Buffer | mpg123 | remote | allows | 059r | code | via | MP3 |

Buffer overflow in the find_next_file function in playlist.c for mpg123 0.59r allows remote attackers to execute arbitrary code via a crafted MP3 playlist.


The id3tag_sort function in id3tag.c for YAMT 0

id3tag_sort | attackers | arbitrary | function | commands | execute | id3tagc | double | Artist | quotes | remote | allows | file | YAMT | tag | via | MP3 |

The id3tag_sort function in id3tag.c for YAMT 0.5 allows remote attackers to execute arbitrary commands via an MP3 file with double quotes in the Artist tag.


Format string vulnerability in SHOUTcast 1.9.4

vulnerability | SHOUTcast | Format | string |

Format string vulnerability in SHOUTcast 1.9.4 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via format string specifiers in a content URL, as demonstrated in the filename portion of a .mp3 file.


Unknown vulnerability in RealPlayer 10 and 10.5

vulnerability | RealPlayer | Unknown |

Unknown vulnerability in RealPlayer 10 and 10.5 (6.0.12.1040-1069) and RealOne Player v1 and v2 allows remote attackers to overwrite arbitrary files or execute arbitrary ActiveX controls via a crafted MP3 file.


Buffer overflow in Winamp 5.03a, 5.09 and 5.091

overflow | Winamp | Buffer | 503a |

Buffer overflow in Winamp 5.03a, 5.09 and 5.091, and other versions before 5.094, allows remote attackers to execute arbitrary code via an MP3 file with a long ID3v2 tag such as (1) ARTIST or (2) TITLE.


Cross-site scripting (XSS) vulnerability in Sea

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in Search.asp in SiteBeater MP3 Catalog 2.03 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.


Multiple buffer overflows in mpg123 0.59r allow

user-assisted | segmentation | demonstrated | attackers | overflows | possibly | Multiple | mpg1DoS3 | certain | impacts | trigger | buffer | mpg123 | other | fault | allow | file | have | 059r | via | MP3 |

Multiple buffer overflows in mpg123 0.59r allow user-assisted attackers to trigger a segmentation fault and possibly have other impacts via a certain MP3 file, as demonstrated by mpg1DoS3. NOTE: this issue might be related to CVE-2004-0991, but it is not clear.


Cross-site scripting (XSS) vulnerability in ind

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in index.php in MP3 Search/Archive 1.2 allows remote attackers to inject arbitrary web script or HTML via the (1) keywords parameter, as used by the "search box", and (2) res parameter.


Stack-based buffer overflow in AtomixMP3 allows

CVE-2006-6287 | Stack-based | attackers | arbitrary | different | AtomixMP3 | overflow | filename | execute | vector | remote | allows | buffer | than | file | code | long | MP3 | via |

Stack-based buffer overflow in AtomixMP3 allows remote attackers to execute arbitrary code via a long filename in an MP3 file, a different vector than CVE-2006-6287.


Multiple unspecified scripts in mIRC allow user

user-assisted | unspecified | attackers | arbitrary | Multiple | scripts | execute | remote | allow | code | mIRC | '|' | via |

Multiple unspecified scripts in mIRC allow user-assisted remote attackers to execute arbitrary code via the '|' (pipe) shell metacharacter in the name of the song in a .mp3 file.


The mIRC Control Plug-in for Winamp allows user

user-assisted | attackers | arbitrary | execute | Control | Plug-in | remote | Winamp | allows | code | mIRC | '|' | via |

The mIRC Control Plug-in for Winamp allows user-assisted remote attackers to execute arbitrary code via the '|' (pipe) shell metacharacter in the name of the song in a .mp3 file.


Software vulnerabilities results 1 to 20 of 39     
Page: 12