CVE-2009-1301

EPSS 8.80% · P93 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2009-1301

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Integer signedness error in the store_id3_text function in the ID3v2 code in mpg123 before 1.7.2 allows remote attackers to cause a denial of service (out-of-bounds memory access) and possibly execute arbitrary code via an ID3 tag with a negative encoding value. NOTE: some of these details are obtained from third party information.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

mpg123 'libmpg123/id3.cs'内存破坏漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

mpg123是软件开发者Michael Hipp所研发的一款使用于Linux和Unix操作系统下的MPEG音频播放器和解码库。 mpg123的libmpg123/id3.c文件的store_id3_text()函数中存在符号错误。如果用户受骗打开了设置有特制ID3标签的媒体文件的话，就可以出发越界内存访问，导致执行任意代码。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2009-1301

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2009-1301

请登录查看更多情报信息。

http://sourceforge.net/project/shownotes.php?release_id=673696x_refsource_CONFIRM
http://bugs.gentoo.org/show_bug.cgi?id=265342x_refsource_CONFIRM
http://secunia.com/advisories/34748third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/34587third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/34381vdb-entryx_refsource_BID
http://www.vupen.com/english/advisories/2009/0936vdb-entryx_refsource_VUPEN
http://www.gentoo.org/security/en/glsa/glsa-200904-15.xmlvendor-advisoryx_refsource_GENTOO
https://nvd.nist.gov/vuln/detail/CVE-2009-1301

Same Patch Batch · n/a · 2009-04-16 · 10 CVEs total

CVE-2007-2238		Microsoft IAG 2007 ActiveX控件栈溢出漏洞
CVE-2008-4830		SAP GUI KWEditActiveX控件不安全SaveDocumentAs()调用漏洞
CVE-2008-5259		DivX Web Player STRF块处理堆溢出漏洞
CVE-2009-0196		Ghostscript jbig2dec库JBIG2处理堆溢出漏洞
CVE-2009-0579		kernel linux-pam '/etc/shadow'权限许可和访问控制漏洞
CVE-2009-1285		phpMyAdmin "ConfigFile.class.php"函数 PHP代码注入漏洞
CVE-2009-1293		Novell Teaming 用户枚举漏洞
CVE-2009-1294		Novell Teaming 'web/guest/home'跨站脚本攻击漏洞
CVE-2009-1300		apt 输入验证错误漏洞

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2009-1301

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2009-1301

I. Basic Information for CVE-2009-1301

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2009-1301

III. Intelligence Information for CVE-2009-1301

Same Patch Batch · n/a · 2009-04-16 · 10 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2009-1301

Leave a comment