CVE-2006-2465

Mp3info - Buffer Overflow

Title source: rule

Description

Buffer overflow in MP3Info 0.8.4 allows attackers to execute arbitrary code via a long command line argument. NOTE: if mp3info is not installed setuid or setgid in any reasonable context, then this issue might not be a vulnerability.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Ayman Sagy · perllocalwindows

https://www.exploit-db.com/exploits/32358

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by jsacco · pythondoslinux

https://www.exploit-db.com/exploits/31220

View Code ZIP pw:eip

References (7)

[Exploit, Third Party Advisory] http://packetstormsecurity.com/files/124955/Mp3info-Stack-Buffer-Overflow.html

[Exploit, Third Party Advisory] http://packetstormsecurity.com/files/125786/MP3Info-0.8.5-SEH-Buffer-Overflow.html

[Exploit] http://www.securiteam.com/exploits/5GP0E15IKO.html

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/18016

[Exploit, Third Party Advisory] http://www.exploit-db.com/exploits/32358

[Third Party Advisory, VDB Entry] http://osvdb.org/show/osvdb/30945

[Third Party Advisory, VDB Entry] http://securitytracker.com/id?1016108

Scores

EPSS 0.2566

EPSS Percentile 96.3%

Details

Status published

Products (1)

mp3info/mp3info 0.8.4

Published May 19, 2006

Tracked Since Feb 18, 2026