Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2009-3995

Опубликовано: 18 дек. 2009
Источник: nvd
CVSS2: 9.3
EPSS Низкий

Описание

Multiple heap-based buffer overflows in IN_MOD.DLL (aka the Module Decoder Plug-in) in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute arbitrary code via (1) crafted samples or (2) crafted instrument definitions in an Impulse Tracker file. NOTE: some of these details are obtained from third party information.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:nullsoft:winamp:*:*:*:*:*:*:*:*
Версия до 5.56 (включая)
cpe:2.3:a:nullsoft:winamp:0.20a:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:0.92:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:1.006:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:1.90:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:2.0:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:2.4:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:2.5e:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:2.6:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:2.6x:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:2.7x:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:2.9:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:2.10:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:2.24:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:2.50:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:2.60:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:2.60:*:full:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:2.60:*:lite:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:2.61:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:2.61:*:full:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:2.62:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:2.62:*:standard:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:2.64:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:2.64:*:standard:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:2.65:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:2.70:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:2.70:*:full:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:2.71:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:2.72:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:2.73:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:2.73:*:full:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:2.74:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:2.75:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:2.76:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:2.77:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:2.78:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:2.79:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:2.80:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:2.81:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:2.90:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:2.91:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:2.92:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:2.95:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:3.0:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:3.1:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.0:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.01:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.1:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.1:-:surround:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.02:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.2:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.3:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.03:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.03a:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.04:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.05:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.5:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.06:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.07:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.08:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.08:c:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.08:d:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.08:e:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.08c:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.08d:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.08e:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.09:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.11:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.12:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.13:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.21:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.22:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.23:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.24:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.31:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.32:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.33:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.34:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.35:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.36:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.51:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.52:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.53:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.54:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.55:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.091:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.093:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.094:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.111:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.112:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.531:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.541:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.551:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:winamp:5.552:*:*:*:*:*:*:*
cpe:2.3:a:raphael_assenat:libmikmod:3.1.12:*:*:*:*:*:*:*

EPSS

Процентиль: 93%
0.09808
Низкий

9.3 Critical

CVSS2

Дефекты

CWE-119

Связанные уязвимости

ubuntu логотип

CVE-2009-3995

ubuntu
больше 15 лет назад

Multiple heap-based buffer overflows in IN_MOD.DLL (aka the Module Decoder Plug-in) in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute arbitrary code via (1) crafted samples or (2) crafted instrument definitions in an Impulse Tracker file. NOTE: some of these details are obtained from third party information.

redhat логотип

CVE-2009-3995

redhat
больше 15 лет назад

Multiple heap-based buffer overflows in IN_MOD.DLL (aka the Module Decoder Plug-in) in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute arbitrary code via (1) crafted samples or (2) crafted instrument definitions in an Impulse Tracker file. NOTE: some of these details are obtained from third party information.

debian логотип

CVE-2009-3995

debian
больше 15 лет назад

Multiple heap-based buffer overflows in IN_MOD.DLL (aka the Module Dec ...

github логотип

GHSA-8mrg-3q2c-8376

github
около 3 лет назад

Multiple heap-based buffer overflows in IN_MOD.DLL (aka the Module Decoder Plug-in) in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute arbitrary code via (1) crafted samples or (2) crafted instrument definitions in an Impulse Tracker file. NOTE: some of these details are obtained from third party information.

suse-cvrf логотип

SUSE-SU-2018:1471-1

suse-cvrf
около 7 лет назад

Security update for libmikmod

EPSS

Процентиль: 93%
0.09808
Низкий

9.3 Critical

CVSS2

Дефекты

CWE-119
Уязвимость CVE-2009-3995