CVE-2009-0186
news
/
advisories
/
forum
/
software
/
advertising
/
search
/
exploits
[EN]
securityvulns.ru
no-pyccku
CVE
CVE-2009-0186
Status
Candidate
Description
Integer overflow in libsndfile 1.0.18, as used in Winamp and other products, allows context-dependent attackers to execute arbitrary code via crafted description chunks in a CAF audio file, leading to a heap-based buffer overflow.
Severity
High
CVSS score
9,3
CVSS vector
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Phase
Assigned (27.04.2010)
NVD:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0186
References
BID :
33963
BUGTRAQ :
20090303 Secunia Research: libsndfile CAF Processing Integer Overflow Vulnerability
BUGTRAQ :
20090303 Secunia Research: Winamp CAF Processing Integer Overflow Vulnerability
CONFIRM :
http://www.mega-nerd.com/libsndfile/NEWS
MISC :
http://secunia.com/secunia_research/2009-7/
MISC :
http://secunia.com/secunia_research/2009-8/
SECUNIA :
33980
SECUNIA :
33981
VUPEN :
ADV-2009-0584
VUPEN :
ADV-2009-0585
SecurityVulns:
libsndfile / WinAmp integer overflow
About
|
Terms of use
|
Privacy Policy
©
SecurityVulns
,
3APA3A
, Vladimir Dubrovin
Nizhny Novgorod
Enter your search terms
Web
securityvulns.com
Submit search form
test server
