CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
60.6%
Package : mpg123
Version : 1.14.4-1+deb7u2
CVE ID : CVE-2017-10683
Debian Bug : #866860
It was discovered that there was a remote denial of service vulnerability in
the mpg123 audio library/player. This was caused by a heap-based buffer
over-read in the "convert_latin1" function.
For Debian 7 "Wheezy", this issue has been fixed in mpg123 version
1.14.4-1+deb7u2.
We recommend that you upgrade your mpg123 packages.
Regards,
,''`.
: :' : Chris Lamb
`. `'` [email protected] / chris-lamb.co.uk
`-
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 7 | armel | mpg123 | < 1.14.4-1+deb7u2 | mpg123_1.14.4-1+deb7u2_armel.deb |
Debian | 7 | i386 | libmpg123-dev | < 1.14.4-1+deb7u2 | libmpg123-dev_1.14.4-1+deb7u2_i386.deb |
Debian | 7 | i386 | mpg123 | < 1.14.4-1+deb7u2 | mpg123_1.14.4-1+deb7u2_i386.deb |
Debian | 7 | i386 | libmpg123-0 | < 1.14.4-1+deb7u2 | libmpg123-0_1.14.4-1+deb7u2_i386.deb |
Debian | 7 | amd64 | mpg123 | < 1.14.4-1+deb7u2 | mpg123_1.14.4-1+deb7u2_amd64.deb |
Debian | 7 | armhf | mpg123 | < 1.14.4-1+deb7u2 | mpg123_1.14.4-1+deb7u2_armhf.deb |
Debian | 7 | all | mpg123 | < 1.14.4-1+deb7u2 | mpg123_1.14.4-1+deb7u2_all.deb |
Debian | 7 | armhf | libmpg123-dev | < 1.14.4-1+deb7u2 | libmpg123-dev_1.14.4-1+deb7u2_armhf.deb |
Debian | 7 | amd64 | libmpg123-dev | < 1.14.4-1+deb7u2 | libmpg123-dev_1.14.4-1+deb7u2_amd64.deb |
Debian | 7 | amd64 | libmpg123-0 | < 1.14.4-1+deb7u2 | libmpg123-0_1.14.4-1+deb7u2_amd64.deb |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
60.6%