CVE-2004-0982 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2004-0982 Interim 1 4 2023-12-09T02:24:23Z current 2021-05-30T12:30:52Z 2023-12-09T02:24:23Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2004-0982 Buffer overflow in the getauthfromURL function in httpget.c in mpg123 pre0.59s and mpg123 0.59r could allow remote attackers or local users to execute arbitrary code via an mp3 file that contains a long string before the @ (at sign) in a URL. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/HFEMFGWHULTDRGIZVIWCFPC36OPKE32H/#HFEMFGWHULTDRGIZVIWCFPC36OPKE32H E-Mail link for SUSE-SR:2005:002 https://www.suse.com/support/security/rating/ SUSE Security Ratings Buffer overflow in the getauthfromURL function in httpget.c in mpg123 pre0.59s and mpg123 0.59r could allow remote attackers or local users to execute arbitrary code via an mp3 file that contains a long string before the @ (at sign) in a URL. CVE-2004-0982 critical 10 AV:N/AC:L/Au:N/C:C/I:C/A:C