PT-2009-6195 · Nullsoft+4 · Winamp+4

Publicado

2009-12-18

Atualizado

2018-10-10

CVE-2009-3995

CVSS v2.0

9.3

Alta

Vetor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Winamp versions prior to 5.57 libmikmod version 3.1.12

Description The issue is related to multiple heap-based buffer overflows in the Module Decoder Plug-in, which might allow remote attackers to execute arbitrary code. This can be achieved via crafted samples or crafted instrument definitions in an Impulse Tracker file.

Recommendations For Winamp versions prior to 5.57, update to version 5.57 or later to resolve the issue. For libmikmod version 3.1.12, consider disabling the use of the Module Decoder Plug-in until a patch is available.

Correção

RCE

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

ALT-PU-2014-2126

CVE-2009-3995

DSA-2071-1

DSA-2081-1

OPENSUSE-SU-2024:10305-1

RHSA-2010:0720

RHSA-2010_0720

SUSE-SU-2018:1471-1

SUSE-SU-2018_1471-1

Produtos afetados

Alt Linux

Red Hat

Suse

Winamp

Libmikmod

PT-2009-6195 · Nullsoft+4 · Winamp+4

CVE-2009-3995

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 41