VYPR
Unrated severityNVD Advisory· Published Mar 5, 2009· Updated Jun 16, 2026

CVE-2009-0186

CVE-2009-0186

Description

Integer overflow in libsndfile 1.0.18, as used in Winamp and other products, allows context-dependent attackers to execute arbitrary code via crafted description chunks in a CAF audio file, leading to a heap-based buffer overflow.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

28
  • cpe:2.3:a:mega-nerd:libsndfile:*:*:*:*:*:*:*:*+ 23 more
    • cpe:2.3:a:mega-nerd:libsndfile:*:*:*:*:*:*:*:*range: <=1.0.18
    • cpe:2.3:a:mega-nerd:libsndfile:0.0.28:*:*:*:*:*:*:*
    • cpe:2.3:a:mega-nerd:libsndfile:0.0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:mega-nerd:libsndfile:1.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:mega-nerd:libsndfile:1.0.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:mega-nerd:libsndfile:1.0.0:rc6:*:*:*:*:*:*
    • cpe:2.3:a:mega-nerd:libsndfile:1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mega-nerd:libsndfile:1.0.10:*:*:*:*:*:*:*
    • cpe:2.3:a:mega-nerd:libsndfile:1.0.11:*:*:*:*:*:*:*
    • cpe:2.3:a:mega-nerd:libsndfile:1.0.12:*:*:*:*:*:*:*
    • cpe:2.3:a:mega-nerd:libsndfile:1.0.13:*:*:*:*:*:*:*
    • cpe:2.3:a:mega-nerd:libsndfile:1.0.14:*:*:*:*:*:*:*
    • cpe:2.3:a:mega-nerd:libsndfile:1.0.15:*:*:*:*:*:*:*
    • cpe:2.3:a:mega-nerd:libsndfile:1.0.16:*:*:*:*:*:*:*
    • cpe:2.3:a:mega-nerd:libsndfile:1.0.17:*:*:*:*:*:*:*
    • cpe:2.3:a:mega-nerd:libsndfile:1.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:mega-nerd:libsndfile:1.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:mega-nerd:libsndfile:1.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:mega-nerd:libsndfile:1.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:mega-nerd:libsndfile:1.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:mega-nerd:libsndfile:1.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:mega-nerd:libsndfile:1.0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:mega-nerd:libsndfile:1.0.9:*:*:*:*:*:*:*
    • (no CPE)range: =1.0.18
  • Nullsoft/Winamp2 versions
    cpe:2.3:a:nullsoft:winamp:5.541:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:nullsoft:winamp:5.541:*:*:*:*:*:*:*
    • cpe:2.3:a:nullsoft:winamp:5.55:*:*:*:*:*:*:*
  • osv-coords2 versions
    < 1.0.26-2.4+ 1 more
    • (no CPE)range: < 1.0.26-2.4
    • (no CPE)range: < 1.0.26-2.4

Patches

Vulnerability mechanics

References

20

News mentions

0

No linked articles in our index yet.