CVE-2009-3995
EPSS 12.2%libmikmod - arbitrary code execution
發布日:2009/12/18修改日:2026/4/28
描述
Multiple heap-based buffer overflows in IN_MOD.DLL (aka the Module Decoder Plug-in) in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute arbitrary code via (1) crafted samples or (2) crafted instrument definitions in an Impulse Tracker file. NOTE: some of these details are obtained from third party information.
受影響套件(3)
- Debian/libmikmodfrom 0, < 3.1.11-6.2
- Debian/libmikmodfrom 0, < 3.1.11-6+lenny1
- Debian/libmikmodfrom 0, < 3.1.11-6.0.1+lenny1