CVE-2009-0179
published 2009-01-20CVE-2009-0179: libmikmod 3.1.11 through 3.2.0, as used by MikMod and possibly other products, allows user-assisted attackers to cause a denial of service (application crash)…
PriorityP410medium4.3CVSS 2.0
AVNACMAuNCNINAP
EPSS
1.88%
76.8th percentile
libmikmod 3.1.11 through 3.2.0, as used by MikMod and possibly other products, allows user-assisted attackers to cause a denial of service (application crash) by loading an XM file.
Affected
24 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | libmikmod | < libmikmod 3.1.11-6.1 (bookworm) | libmikmod 3.1.11-6.1 (bookworm) |
| igno_saitz | libmikmod | — | — |
| igno_saitz | libmikmod | — | — |
| igno_saitz | libmikmod | — | — |
| igno_saitz | libmikmod | — | — |
| igno_saitz | libmikmod | — | — |
| igno_saitz | libmikmod | — | — |
| igno_saitz | libmikmod | — | — |
| igno_saitz | libmikmod | — | — |
| igno_saitz | libmikmod | — | — |
| igno_saitz | libmikmod | — | — |
| igno_saitz | libmikmod | — | — |
| igno_saitz | libmikmod | — | — |
| igno_saitz | libmikmod | — | — |
| igno_saitz | libmikmod | — | — |
| igno_saitz | libmikmod | — | — |
| igno_saitz | libmikmod | — | — |
| igno_saitz | libmikmod | — | — |
| igno_saitz | libmikmod | — | — |
| igno_saitz | libmikmod | — | — |
| raphael_assenat | libmikmod | >= 0 < 3.1.11-6.1 | 3.1.11-6.1 |
| raphael_assenat | libmikmod | >= 0 < 3.1.11-6.1 | 3.1.11-6.1 |
| raphael_assenat | libmikmod | >= 0 < 3.1.11-6.1 | 3.1.11-6.1 |
| raphael_assenat | libmikmod | >= 0 < 3.1.11-6.1 | 3.1.11-6.1 |
CVSS provenance
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:N/A:P
osv4.3MEDIUM
vendor_debian4.3LOW
vendor_redhat4.3MEDIUM
vendor_ubuntu4.3MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
libMikMod vulnerabilities
vendor_ubuntu·2010-09-29·CVSS 4.3
CVE-2009-3995 [MEDIUM] libMikMod vulnerabilities
Title: libMikMod vulnerabilities
It was discovered that libMikMod incorrectly handled songs with different
channel counts. If a user were tricked into opening a crafted song file,
an attacker could cause a denial of service. (CVE-2007-6720)
It was discovered that libMikMod incorrectly handled certain malformed XM
files. If a user were tricked into opening a crafted XM file, an attacker
could cause a denial of service. (CVE-2009-0179)
It was discovered that libMikMod incorrectly handled certain malformed
Impulse Tracker files. If a user were tricked into opening a crafted
Impulse Tracker file, an attacker could cause a denial of service or
possibly execute arbitrary code with the privileges of the user invoking
the program. (CVE-2009-3995, CVE-2010-2546, CVE-2010-2971)
It was discovered
Debian
CVE-2009-0179: libmikmod - libmikmod 3.1.11 through 3.2.0, as used by MikMod and possibly other products, a...
vendor_debian·2009·CVSS 4.3
CVE-2009-0179 [MEDIUM] CVE-2009-0179: libmikmod - libmikmod 3.1.11 through 3.2.0, as used by MikMod and possibly other products, a...
libmikmod 3.1.11 through 3.2.0, as used by MikMod and possibly other products, allows user-assisted attackers to cause a denial of service (application crash) by loading an XM file.
Scope: local
bookworm: resolved (fixed in 3.1.11-6.1)
bullseye: resolved (fixed in 3.1.11-6.1)
forky: resolved (fixed in 3.1.11-6.1)
sid: resolved (fixed in 3.1.11-6.1)
trixie: resolved (fixed in 3.1.11-6.1)
Red Hat
mikmod: crash when loading XM files
vendor_redhat·2008-04-16·CVSS 4.3
CVE-2009-0179 [MEDIUM] mikmod: crash when loading XM files
mikmod: crash when loading XM files
libmikmod 3.1.11 through 3.2.0, as used by MikMod and possibly other products, allows user-assisted attackers to cause a denial of service (application crash) by loading an XM file.
Statement: The Red Hat Product Security has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here:
https://access.redhat.com/security/updates/classification/
GHSA
GHSA-r724-8435-xv6f: libmikmod 3
ghsa_unreviewed·2022-05-02
CVE-2009-0179 [MEDIUM] GHSA-r724-8435-xv6f: libmikmod 3
libmikmod 3.1.11 through 3.2.0, as used by MikMod and possibly other products, allows user-assisted attackers to cause a denial of service (application crash) by loading an XM file.
OSV
CVE-2009-0179: libmikmod 3
osv·2009-01-20·CVSS 4.3
CVE-2009-0179 [MEDIUM] CVE-2009-0179: libmikmod 3
libmikmod 3.1.11 through 3.2.0, as used by MikMod and possibly other products, allows user-assisted attackers to cause a denial of service (application crash) by loading an XM file.
No detection rules found.
No public exploits indexed.
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476339http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.htmlhttp://openwall.com/lists/oss-security/2009/01/13/2http://secunia.com/advisories/34259http://www.securityfocus.com/bid/33240https://bugzilla.redhat.com/show_bug.cgi?id=479833https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01305.htmlhttps://www.redhat.com/archives/fedora-package-announce/2009-August/msg01312.htmlhttp://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476339http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.htmlhttp://openwall.com/lists/oss-security/2009/01/13/2http://secunia.com/advisories/34259http://www.securityfocus.com/bid/33240https://bugzilla.redhat.com/show_bug.cgi?id=479833https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01305.htmlhttps://www.redhat.com/archives/fedora-package-announce/2009-August/msg01312.html
2009-01-20
Published