CVE-2009-3996
published 2009-12-18CVE-2009-3996: Heap-based buffer overflow in IN_MOD.DLL (aka the Module Decoder Plug-in) in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute…
PriorityP344critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
6.48%
92.9th percentile
Heap-based buffer overflow in IN_MOD.DLL (aka the Module Decoder Plug-in) in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute arbitrary code via an Ultratracker file.
Affected
91 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | libmikmod | < libmikmod 3.1.11-6.2 (bookworm) | libmikmod 3.1.11-6.2 (bookworm) |
| nullsoft | winamp | <= 5.56 | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
CVSS provenance
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
osv9.3CRITICAL
vendor_debian9.3CRITICAL
vendor_redhat9.3CRITICAL
vendor_ubuntu4.3MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
libMikMod vulnerabilities
vendor_ubuntu·2010-09-29·CVSS 4.3
CVE-2009-3995 [MEDIUM] libMikMod vulnerabilities
Title: libMikMod vulnerabilities
It was discovered that libMikMod incorrectly handled songs with different
channel counts. If a user were tricked into opening a crafted song file,
an attacker could cause a denial of service. (CVE-2007-6720)
It was discovered that libMikMod incorrectly handled certain malformed XM
files. If a user were tricked into opening a crafted XM file, an attacker
could cause a denial of service. (CVE-2009-0179)
It was discovered that libMikMod incorrectly handled certain malformed
Impulse Tracker files. If a user were tricked into opening a crafted
Impulse Tracker file, an attacker could cause a denial of service or
possibly execute arbitrary code with the privileges of the user invoking
the program. (CVE-2009-3995, CVE-2010-2546, CVE-2010-2971)
It was discovered
Red Hat
libmikmod: arbitrary code execution via crafted Impulse Tracker or Ultratracker files
vendor_redhat·2010-02-05·CVSS 9.3
CVE-2009-3996 [CRITICAL] libmikmod: arbitrary code execution via crafted Impulse Tracker or Ultratracker files
libmikmod: arbitrary code execution via crafted Impulse Tracker or Ultratracker files
Heap-based buffer overflow in IN_MOD.DLL (aka the Module Decoder Plug-in) in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute arbitrary code via an Ultratracker file.
Debian
CVE-2009-3996: libmikmod - Heap-based buffer overflow in IN_MOD.DLL (aka the Module Decoder Plug-in) in Win...
vendor_debian·2009·CVSS 9.3
CVE-2009-3996 [CRITICAL] CVE-2009-3996: libmikmod - Heap-based buffer overflow in IN_MOD.DLL (aka the Module Decoder Plug-in) in Win...
Heap-based buffer overflow in IN_MOD.DLL (aka the Module Decoder Plug-in) in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute arbitrary code via an Ultratracker file.
Scope: local
bookworm: resolved (fixed in 3.1.11-6.2)
bullseye: resolved (fixed in 3.1.11-6.2)
forky: resolved (fixed in 3.1.11-6.2)
sid: resolved (fixed in 3.1.11-6.2)
trixie: resolved (fixed in 3.1.11-6.2)
GHSA
GHSA-4222-4jfx-7q2p: Heap-based buffer overflow in IN_MOD
ghsa_unreviewed·2022-05-02
CVE-2009-3996 [HIGH] CWE-119 GHSA-4222-4jfx-7q2p: Heap-based buffer overflow in IN_MOD
Heap-based buffer overflow in IN_MOD.DLL (aka the Module Decoder Plug-in) in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute arbitrary code via an Ultratracker file.
OSV
CVE-2009-3996: Heap-based buffer overflow in IN_MOD
osv·2009-12-18·CVSS 9.3
CVE-2009-3996 [CRITICAL] CVE-2009-3996: Heap-based buffer overflow in IN_MOD
Heap-based buffer overflow in IN_MOD.DLL (aka the Module Decoder Plug-in) in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute arbitrary code via an Ultratracker file.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2009-3995 CVE-2009-3996 libmikmod: arbitrary code execution via crafted Impulse Tracker or Ultratracker files
bugzilla·2010-07-14·CVSS 9.3
CVE-2009-3995 [CRITICAL] CVE-2009-3995 CVE-2009-3996 libmikmod: arbitrary code execution via crafted Impulse Tracker or Ultratracker files
CVE-2009-3995 CVE-2009-3996 libmikmod: arbitrary code execution via crafted Impulse Tracker or Ultratracker files
Multiple heap-based buffer overflow vulnerabilities were found in libmikmod. These flaws could allow a remote attacker able to coerce a local user using an application linked against libmikmod, to open an Impulse Tracker, crafted samples, or an Ultratracker file, to execute arbitrary code with the privileges of the user running the application.
CVE-2009-3995:
Multiple heap-based buffer overflows in IN_MOD.DLL (aka the Module Decoder Plug-in) in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute arbitrary code via (1) crafted samples or (2) crafted instrument definitions in an Impulse Tracker file. NOTE: some of these details are obtained from t
Bugzilla
CVE-2009-3995 CVE-2009-3996 libmikmod: arbitrary code execution via crafted Impulse Tracker or Ultratracker files [fedora-all]
bugzilla·2010-07-14·CVSS 9.3
CVE-2009-3995 [CRITICAL] CVE-2009-3995 CVE-2009-3996 libmikmod: arbitrary code execution via crafted Impulse Tracker or Ultratracker files [fedora-all]
CVE-2009-3995 CVE-2009-3996 libmikmod: arbitrary code execution via crafted Impulse Tracker or Ultratracker files [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include the bug IDs of the
respective parent bugs filed against the "Security Response" product.
Please mention CVE ids in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/updates/new/?type_=security&b
http://forums.winamp.com/showthread.php?threadid=315355http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.htmlhttp://secunia.com/advisories/37495http://secunia.com/secunia_research/2009-55/http://secunia.com/secunia_research/2009-56/http://www.mandriva.com/security/advisories?name=MDVSA-2010:151http://www.securityfocus.com/archive/1/508528/100/0/threadedhttp://www.securityfocus.com/bid/37374http://www.vupen.com/english/advisories/2009/3575http://www.vupen.com/english/advisories/2010/1107http://forums.winamp.com/showthread.php?threadid=315355http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.htmlhttp://secunia.com/advisories/37495http://secunia.com/secunia_research/2009-55/http://secunia.com/secunia_research/2009-56/http://www.mandriva.com/security/advisories?name=MDVSA-2010:151http://www.securityfocus.com/archive/1/508528/100/0/threadedhttp://www.securityfocus.com/bid/37374http://www.vupen.com/english/advisories/2009/3575http://www.vupen.com/english/advisories/2010/1107
2009-12-18
Published