ID CVE-2009-0179
Summary libmikmod 3.1.11 through 3.2.0, as used by MikMod and possibly other products, allows user-assisted attackers to cause a denial of service (application crash) by loading an XM file.
References
Vulnerable Configurations
  • cpe:2.3:a:igno_saitz:libmikmod:3.1.9-1:*:*:*:*:*:*:*
    cpe:2.3:a:igno_saitz:libmikmod:3.1.9-1:*:*:*:*:*:*:*
  • cpe:2.3:a:igno_saitz:libmikmod:3.1.9-2:*:*:*:*:*:*:*
    cpe:2.3:a:igno_saitz:libmikmod:3.1.9-2:*:*:*:*:*:*:*
  • cpe:2.3:a:igno_saitz:libmikmod:3.1.9-3:*:*:*:*:*:*:*
    cpe:2.3:a:igno_saitz:libmikmod:3.1.9-3:*:*:*:*:*:*:*
  • cpe:2.3:a:igno_saitz:libmikmod:3.1.9-4:*:*:*:*:*:*:*
    cpe:2.3:a:igno_saitz:libmikmod:3.1.9-4:*:*:*:*:*:*:*
  • cpe:2.3:a:igno_saitz:libmikmod:3.1.9-5:*:*:*:*:*:*:*
    cpe:2.3:a:igno_saitz:libmikmod:3.1.9-5:*:*:*:*:*:*:*
  • cpe:2.3:a:igno_saitz:libmikmod:3.1.9-6:*:*:*:*:*:*:*
    cpe:2.3:a:igno_saitz:libmikmod:3.1.9-6:*:*:*:*:*:*:*
  • cpe:2.3:a:igno_saitz:libmikmod:3.1.10-1:*:*:*:*:*:*:*
    cpe:2.3:a:igno_saitz:libmikmod:3.1.10-1:*:*:*:*:*:*:*
  • cpe:2.3:a:igno_saitz:libmikmod:3.1.10-2:*:*:*:*:*:*:*
    cpe:2.3:a:igno_saitz:libmikmod:3.1.10-2:*:*:*:*:*:*:*
  • cpe:2.3:a:igno_saitz:libmikmod:3.1.10-3:*:*:*:*:*:*:*
    cpe:2.3:a:igno_saitz:libmikmod:3.1.10-3:*:*:*:*:*:*:*
  • cpe:2.3:a:igno_saitz:libmikmod:3.1.10-4:*:*:*:*:*:*:*
    cpe:2.3:a:igno_saitz:libmikmod:3.1.10-4:*:*:*:*:*:*:*
  • cpe:2.3:a:igno_saitz:libmikmod:3.1.10-5:*:*:*:*:*:*:*
    cpe:2.3:a:igno_saitz:libmikmod:3.1.10-5:*:*:*:*:*:*:*
  • cpe:2.3:a:igno_saitz:libmikmod:3.1.11-1:*:*:*:*:*:*:*
    cpe:2.3:a:igno_saitz:libmikmod:3.1.11-1:*:*:*:*:*:*:*
  • cpe:2.3:a:igno_saitz:libmikmod:3.1.11-2:*:*:*:*:*:*:*
    cpe:2.3:a:igno_saitz:libmikmod:3.1.11-2:*:*:*:*:*:*:*
  • cpe:2.3:a:igno_saitz:libmikmod:3.1.11-3:*:*:*:*:*:*:*
    cpe:2.3:a:igno_saitz:libmikmod:3.1.11-3:*:*:*:*:*:*:*
  • cpe:2.3:a:igno_saitz:libmikmod:3.1.11-4:*:*:*:*:*:*:*
    cpe:2.3:a:igno_saitz:libmikmod:3.1.11-4:*:*:*:*:*:*:*
  • cpe:2.3:a:igno_saitz:libmikmod:3.1.11-5:*:*:*:*:*:*:*
    cpe:2.3:a:igno_saitz:libmikmod:3.1.11-5:*:*:*:*:*:*:*
  • cpe:2.3:a:igno_saitz:libmikmod:3.1.11-6:*:*:*:*:*:*:*
    cpe:2.3:a:igno_saitz:libmikmod:3.1.11-6:*:*:*:*:*:*:*
  • cpe:2.3:a:igno_saitz:libmikmod:3.1.12:*:*:*:*:*:*:*
    cpe:2.3:a:igno_saitz:libmikmod:3.1.12:*:*:*:*:*:*:*
  • cpe:2.3:a:igno_saitz:libmikmod:3.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:igno_saitz:libmikmod:3.2.0:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 02-09-2009 - 05:20)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:N/A:P
refmap via4
bid 33240
confirm https://bugzilla.redhat.com/show_bug.cgi?id=479833
fedora
  • FEDORA-2009-9095
  • FEDORA-2009-9112
misc http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476339
mlist [oss-security] 20090113 CVE Request -- libmikmod
secunia 34259
suse SUSE-SR:2009:006
statements via4
contributor Tomas Hoger
lastmodified 2009-01-21
organization Red Hat
statement Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2009-0179 The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here: http://www.redhat.com/security/updates/classification/
Last major update 02-09-2009 - 05:20
Published 20-01-2009 - 16:30
Back to Top