VYPR
← All advisories
Unrated severityNVD Advisory· Published May 26, 2009· Updated Apr 23, 2026

CVE-2009-1788

CVE-2009-1788

Description

Heap-based buffer overflow in voc_read_header in libsndfile 1.0.15 through 1.0.19, as used in Winamp 5.552 and possibly other media programs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a VOC file with an invalid header value.

Affected products

12
  • Mega Nerd/Libsndfile5 versions
    cpe:2.3:a:mega-nerd:libsndfile:1.0.15:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:mega-nerd:libsndfile:1.0.15:*:*:*:*:*:*:*
    • cpe:2.3:a:mega-nerd:libsndfile:1.0.16:*:*:*:*:*:*:*
    • cpe:2.3:a:mega-nerd:libsndfile:1.0.17:*:*:*:*:*:*:*
    • cpe:2.3:a:mega-nerd:libsndfile:1.0.18:*:*:*:*:*:*:*
    • cpe:2.3:a:mega-nerd:libsndfile:1.0.19:*:*:*:*:*:*:*
  • Nullsoft/Winamp7 versions
    cpe:2.3:a:nullsoft:winamp:5.5:*:*:*:*:*:*:*+ 6 more
    • cpe:2.3:a:nullsoft:winamp:5.5:*:*:*:*:*:*:*
    • cpe:2.3:a:nullsoft:winamp:5.51:*:*:*:*:*:*:*
    • cpe:2.3:a:nullsoft:winamp:5.52:*:*:*:*:*:*:*
    • cpe:2.3:a:nullsoft:winamp:5.54:*:*:*:*:*:*:*
    • cpe:2.3:a:nullsoft:winamp:5.55:*:*:*:*:*:*:*
    • cpe:2.3:a:nullsoft:winamp:5.541:*:*:*:*:*:*:*
    • cpe:2.3:a:nullsoft:winamp:5.552:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

15

News mentions

0

No linked articles in our index yet.