Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2009-3995

Multiple heap-based buffer overflows in IN_MOD.DLL (aka the Module Decoder Plug-in) in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute arbitrary code via (1) crafted samples or (2) crafted instrument definitions in an Impulse Tracker file. NOTE: some of these details are obtained from third party information.

Security Impact Summary

CVE-2009-3995 is a security vulnerability that . Impacting 2 products from nullsoft, from raphael_assenat organizations running these solutions should prioritize assessment and patching.

Historical Context

Originally identified in 2009, this vulnerability predates many modern security frameworks and practices. The vulnerability landscape of that era was characterized by different threat models and less mature defense mechanisms compared to contemporary standards.

Published

2009-12-18T18:30:00.217

Last Modified

2025-04-09T00:30:58.490

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 9.3 (HIGH)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

8.6

Impact Score

10.0

Weaknesses

Type: Primary
CWE-119

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	nullsoft	winamp	≤ 5.56	Yes
Application	nullsoft	winamp	0.20a	Yes
Application	nullsoft	winamp	0.92	Yes
Application	nullsoft	winamp	1.006	Yes
Application	nullsoft	winamp	1.90	Yes
Application	nullsoft	winamp	2.0	Yes
Application	nullsoft	winamp	2.4	Yes
Application	nullsoft	winamp	2.5e	Yes
Application	nullsoft	winamp	2.6	Yes
Application	nullsoft	winamp	2.6x	Yes
Application	nullsoft	winamp	2.7x	Yes
Application	nullsoft	winamp	2.9	Yes
Application	nullsoft	winamp	2.10	Yes
Application	nullsoft	winamp	2.24	Yes
Application	nullsoft	winamp	2.50	Yes
Application	nullsoft	winamp	2.60	Yes
Application	nullsoft	winamp	2.60	Yes
Application	nullsoft	winamp	2.60	Yes
Application	nullsoft	winamp	2.61	Yes
Application	nullsoft	winamp	2.61	Yes
Application	nullsoft	winamp	2.62	Yes
Application	nullsoft	winamp	2.62	Yes
Application	nullsoft	winamp	2.64	Yes
Application	nullsoft	winamp	2.64	Yes
Application	nullsoft	winamp	2.65	Yes
Application	nullsoft	winamp	2.70	Yes
Application	nullsoft	winamp	2.70	Yes
Application	nullsoft	winamp	2.71	Yes
Application	nullsoft	winamp	2.72	Yes
Application	nullsoft	winamp	2.73	Yes
Application	nullsoft	winamp	2.73	Yes
Application	nullsoft	winamp	2.74	Yes
Application	nullsoft	winamp	2.75	Yes
Application	nullsoft	winamp	2.76	Yes
Application	nullsoft	winamp	2.77	Yes
Application	nullsoft	winamp	2.78	Yes
Application	nullsoft	winamp	2.79	Yes
Application	nullsoft	winamp	2.80	Yes
Application	nullsoft	winamp	2.81	Yes
Application	nullsoft	winamp	2.90	Yes
Application	nullsoft	winamp	2.91	Yes
Application	nullsoft	winamp	2.92	Yes
Application	nullsoft	winamp	2.95	Yes
Application	nullsoft	winamp	3.0	Yes
Application	nullsoft	winamp	3.1	Yes
Application	nullsoft	winamp	5.0	Yes
Application	nullsoft	winamp	5.0.1	Yes
Application	nullsoft	winamp	5.0.2	Yes
Application	nullsoft	winamp	5.01	Yes
Application	nullsoft	winamp	5.1	Yes
Application	nullsoft	winamp	5.1	Yes
Application	nullsoft	winamp	5.02	Yes
Application	nullsoft	winamp	5.2	Yes
Application	nullsoft	winamp	5.3	Yes
Application	nullsoft	winamp	5.03	Yes
Application	nullsoft	winamp	5.03a	Yes
Application	nullsoft	winamp	5.04	Yes
Application	nullsoft	winamp	5.05	Yes
Application	nullsoft	winamp	5.5	Yes
Application	nullsoft	winamp	5.06	Yes
Application	nullsoft	winamp	5.07	Yes
Application	nullsoft	winamp	5.08	Yes
Application	nullsoft	winamp	5.08	Yes
Application	nullsoft	winamp	5.08	Yes
Application	nullsoft	winamp	5.08	Yes
Application	nullsoft	winamp	5.08c	Yes
Application	nullsoft	winamp	5.08d	Yes
Application	nullsoft	winamp	5.08e	Yes
Application	nullsoft	winamp	5.09	Yes
Application	nullsoft	winamp	5.11	Yes
Application	nullsoft	winamp	5.12	Yes
Application	nullsoft	winamp	5.13	Yes
Application	nullsoft	winamp	5.21	Yes
Application	nullsoft	winamp	5.22	Yes
Application	nullsoft	winamp	5.23	Yes
Application	nullsoft	winamp	5.24	Yes
Application	nullsoft	winamp	5.31	Yes
Application	nullsoft	winamp	5.32	Yes
Application	nullsoft	winamp	5.33	Yes
Application	nullsoft	winamp	5.34	Yes
Application	nullsoft	winamp	5.35	Yes
Application	nullsoft	winamp	5.36	Yes
Application	nullsoft	winamp	5.51	Yes
Application	nullsoft	winamp	5.52	Yes
Application	nullsoft	winamp	5.53	Yes
Application	nullsoft	winamp	5.54	Yes
Application	nullsoft	winamp	5.55	Yes
Application	nullsoft	winamp	5.091	Yes
Application	nullsoft	winamp	5.093	Yes
Application	nullsoft	winamp	5.094	Yes
Application	nullsoft	winamp	5.111	Yes
Application	nullsoft	winamp	5.112	Yes
Application	nullsoft	winamp	5.531	Yes
Application	nullsoft	winamp	5.541	Yes
Application	nullsoft	winamp	5.551	Yes
Application	nullsoft	winamp	5.552	Yes
Application	raphael_assenat	libmikmod	3.1.12	Yes

References

http://forums.winamp.com/showthread.php?threadid=315355 ([email protected])
http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html ([email protected])
http://secunia.com/advisories/37495 Vendor Advisory ([email protected])
http://secunia.com/advisories/40799 Vendor Advisory ([email protected])
http://secunia.com/secunia_research/2009-52/ Vendor Advisory ([email protected])
http://secunia.com/secunia_research/2009-53/ Vendor Advisory ([email protected])
http://secunia.com/secunia_research/2009-55/ Vendor Advisory ([email protected])
http://www.mandriva.com/security/advisories?name=MDVSA-2010:151 ([email protected])
http://www.securityfocus.com/archive/1/508526/100/0/threaded ([email protected])
http://www.securityfocus.com/archive/1/508527/100/0/threaded ([email protected])
http://www.securityfocus.com/bid/37374 ([email protected])
http://www.vupen.com/english/advisories/2009/3575 Patch, Vendor Advisory ([email protected])
http://www.vupen.com/english/advisories/2010/1107 Vendor Advisory ([email protected])
http://www.vupen.com/english/advisories/2010/1957 Vendor Advisory ([email protected])
http://forums.winamp.com/showthread.php?threadid=315355 (af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/37495 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/40799 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/secunia_research/2009-52/ Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/secunia_research/2009-53/ Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/secunia_research/2009-55/ Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDVSA-2010:151 (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/508526/100/0/threaded (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/508527/100/0/threaded (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/37374 (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2009/3575 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2010/1107 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2010/1957 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)

How SecUtils Interprets This CVE

SecUtils normalizes and enriches National Vulnerability Database (NVD) records by standardizing vendor and product identifiers, aggregating vulnerability metadata from both NVD and MITRE sources, and providing structured context for security teams. For nullsoft's affected products, we extract Common Platform Enumeration (CPE) data, Common Weakness Enumeration (CWE) classifications, CVSS severity metrics, and reference data to enable rapid vulnerability prioritization and asset correlation. This record contains no exploit code, proof-of-concept instructions, or attack methodologies—only defensive intelligence necessary for patch management, risk assessment, and security operations.