Mandriva Linux Security Advisory 2009-093 – Integer signedness error in the store_id3_text function in the ID3v2 code in mpg123 before 1.7.2 allows remote attackers to cause a denial of service (out-of-bounds memory access) and possibly execute some of these details are obtained from third party information. The updated packages have been patched to correct this issue. Packages for 2008.0 are being provided due to extended support for Corporate products.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/83573/MDVSA-2009-093-1.txt
Source: https://packetstormsecurity.com/files/83573/Mandriva-Linux-Security-Advisory-2009-093.html