CVE-2009-1788

2009-05-2616:30:02

CWE-119

[email protected]

web.nvd.nist.gov

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

Low

EPSS

0.038

Percentile

91.9%

JSON

Heap-based buffer overflow in voc_read_header in libsndfile 1.0.15 through 1.0.19, as used in Winamp 5.552 and possibly other media programs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a VOC file with an invalid header value.

Affected configurations

Nvd

Node

mega-nerdlibsndfileMatch1.0.15

mega-nerdlibsndfileMatch1.0.16

mega-nerdlibsndfileMatch1.0.17

mega-nerdlibsndfileMatch1.0.18

mega-nerdlibsndfileMatch1.0.19

nullsoftwinampMatch5.5

nullsoftwinampMatch5.51

nullsoftwinampMatch5.52

nullsoftwinampMatch5.54

nullsoftwinampMatch5.55

nullsoftwinampMatch5.541

nullsoftwinampMatch5.552

VendorProductVersionCPE
mega-nerdlibsndfile1.0.15cpe:2.3:a:mega-nerd:libsndfile:1.0.15:*:*:*:*:*:*:*
mega-nerdlibsndfile1.0.16cpe:2.3:a:mega-nerd:libsndfile:1.0.16:*:*:*:*:*:*:*
mega-nerdlibsndfile1.0.17cpe:2.3:a:mega-nerd:libsndfile:1.0.17:*:*:*:*:*:*:*
mega-nerdlibsndfile1.0.18cpe:2.3:a:mega-nerd:libsndfile:1.0.18:*:*:*:*:*:*:*
mega-nerdlibsndfile1.0.19cpe:2.3:a:mega-nerd:libsndfile:1.0.19:*:*:*:*:*:*:*
nullsoftwinamp5.5cpe:2.3:a:nullsoft:winamp:5.5:*:*:*:*:*:*:*
nullsoftwinamp5.51cpe:2.3:a:nullsoft:winamp:5.51:*:*:*:*:*:*:*
nullsoftwinamp5.52cpe:2.3:a:nullsoft:winamp:5.52:*:*:*:*:*:*:*
nullsoftwinamp5.54cpe:2.3:a:nullsoft:winamp:5.54:*:*:*:*:*:*:*
nullsoftwinamp5.55cpe:2.3:a:nullsoft:winamp:5.55:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mega-nerd	libsndfile	1.0.15	cpe:2.3:a:mega-nerd:libsndfile:1.0.15:::::::*
mega-nerd	libsndfile	1.0.16	cpe:2.3:a:mega-nerd:libsndfile:1.0.16:::::::*
mega-nerd	libsndfile	1.0.17	cpe:2.3:a:mega-nerd:libsndfile:1.0.17:::::::*
mega-nerd	libsndfile	1.0.18	cpe:2.3:a:mega-nerd:libsndfile:1.0.18:::::::*
mega-nerd	libsndfile	1.0.19	cpe:2.3:a:mega-nerd:libsndfile:1.0.19:::::::*
nullsoft	winamp	5.5	cpe:2.3:a:nullsoft:winamp:5.5:::::::*
nullsoft	winamp	5.51	cpe:2.3:a:nullsoft:winamp:5.51:::::::*
nullsoft	winamp	5.52	cpe:2.3:a:nullsoft:winamp:5.52:::::::*
nullsoft	winamp	5.54	cpe:2.3:a:nullsoft:winamp:5.54:::::::*
nullsoft	winamp	5.55	cpe:2.3:a:nullsoft:winamp:5.55:::::::*