VYPR
Unrated severityNVD Advisory· Published May 26, 2009· Updated Jun 16, 2026

CVE-2009-1791

CVE-2009-1791

Description

Heap-based buffer overflow in aiff_read_header in libsndfile 1.0.15 through 1.0.19, as used in Winamp 5.552 and possibly other media programs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an AIFF file with an invalid header value.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

13
  • cpe:2.3:a:mega-nerd:libsndfile:1.0.15:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:mega-nerd:libsndfile:1.0.15:*:*:*:*:*:*:*
    • cpe:2.3:a:mega-nerd:libsndfile:1.0.16:*:*:*:*:*:*:*
    • cpe:2.3:a:mega-nerd:libsndfile:1.0.17:*:*:*:*:*:*:*
    • cpe:2.3:a:mega-nerd:libsndfile:1.0.18:*:*:*:*:*:*:*
    • cpe:2.3:a:mega-nerd:libsndfile:1.0.19:*:*:*:*:*:*:*
    • (no CPE)range: 1.0.15 through 1.0.19
  • Nullsoft/Winamp7 versions
    cpe:2.3:a:nullsoft:winamp:5.5:*:*:*:*:*:*:*+ 6 more
    • cpe:2.3:a:nullsoft:winamp:5.5:*:*:*:*:*:*:*
    • cpe:2.3:a:nullsoft:winamp:5.51:*:*:*:*:*:*:*
    • cpe:2.3:a:nullsoft:winamp:5.52:*:*:*:*:*:*:*
    • cpe:2.3:a:nullsoft:winamp:5.54:*:*:*:*:*:*:*
    • cpe:2.3:a:nullsoft:winamp:5.541:*:*:*:*:*:*:*
    • cpe:2.3:a:nullsoft:winamp:5.55:*:*:*:*:*:*:*
    • cpe:2.3:a:nullsoft:winamp:5.552:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

11

News mentions

0

No linked articles in our index yet.