Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2009-3995

Published: 18 December 2009

Multiple heap-based buffer overflows in IN_MOD.DLL (aka the Module Decoder Plug-in) in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute arbitrary code via (1) crafted samples or (2) crafted instrument definitions in an Impulse Tracker file. NOTE: some of these details are obtained from third party information.

Notes

AuthorNote
mdeslaur
fixed by CVE-2009-3995f.patch in 3.1.11-6.2

Priority

Medium

Status

Package Release Status
libmikmod
Launchpad, Ubuntu, Debian
dapper Ignored
(end of life)
hardy
Released (3.1.11-6ubuntu3.8.04.1)
intrepid Ignored
(end of life, was needs-triage)
jaunty
Released (3.1.11-6ubuntu3.9.04.1)
karmic
Released (3.1.11-6ubuntu4.1)
lucid
Released (3.1.11-6.1ubuntu0.1)
upstream
Released (3.1.11-6.2)