JVN/CVE Demo: Cveinfos

CVE

Id: 37621
CVE No.: CVE-2009-0186
Status: Candidate
Description: Integer overflow in libsndfile 1.0.18, as used in Winamp and other products, allows context-dependent attackers to execute arbitrary code via crafted description chunks in a CAF audio file, leading to a heap-based buffer overflow.
Phase: Assigned (20090120)
Votes: None (candidate not yet proposed)
Comments

Actions

Related CVE References

Id	CVE Id	CVE No.	Reference	Actions
408450	37621	CVE-2009-0186	BUGTRAQ:20090303 Secunia Research: Winamp CAF Processing Integer Overflow Vulnerability	View
408451	37621	CVE-2009-0186	URL:http://www.securityfocus.com/archive/1/archive/1/501399/100/0/threaded	View
408452	37621	CVE-2009-0186	BUGTRAQ:20090303 Secunia Research: libsndfile CAF Processing Integer Overflow Vulnerability	View
408453	37621	CVE-2009-0186	URL:http://www.securityfocus.com/archive/1/archive/1/501413/100/0/threaded	View
408454	37621	CVE-2009-0186	MISC:http://secunia.com/secunia_research/2009-7/	View
408455	37621	CVE-2009-0186	MISC:http://secunia.com/secunia_research/2009-8/	View
408456	37621	CVE-2009-0186	CONFIRM:http://www.mega-nerd.com/libsndfile/NEWS	View
408457	37621	CVE-2009-0186	DEBIAN:DSA-1742	View
408458	37621	CVE-2009-0186	URL:http://www.debian.org/security/2009/dsa-1742	View
408459	37621	CVE-2009-0186	GENTOO:GLSA-200904-16	View
408460	37621	CVE-2009-0186	URL:http://security.gentoo.org/glsa/glsa-200904-16.xml	View
408461	37621	CVE-2009-0186	SUSE:SUSE-SR:2009:008	View
408462	37621	CVE-2009-0186	URL:http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html	View
408463	37621	CVE-2009-0186	UBUNTU:USN-749-1	View
408464	37621	CVE-2009-0186	URL:http://www.ubuntu.com/usn/USN-749-1	View
408465	37621	CVE-2009-0186	BID:33963	View
408466	37621	CVE-2009-0186	URL:http://www.securityfocus.com/bid/33963	View
408467	37621	CVE-2009-0186	SECTRACK:1021784	View
408468	37621	CVE-2009-0186	URL:http://www.securitytracker.com/id?1021784	View
408469	37621	CVE-2009-0186	SECUNIA:33980	View
408470	37621	CVE-2009-0186	URL:http://secunia.com/advisories/33980	View
408471	37621	CVE-2009-0186	SECUNIA:33981	View
408472	37621	CVE-2009-0186	URL:http://secunia.com/advisories/33981	View
408473	37621	CVE-2009-0186	SECUNIA:34316	View
408474	37621	CVE-2009-0186	URL:http://secunia.com/advisories/34316	View
408475	37621	CVE-2009-0186	SECUNIA:34526	View
408476	37621	CVE-2009-0186	URL:http://secunia.com/advisories/34526	View
408477	37621	CVE-2009-0186	SECUNIA:34642	View
408478	37621	CVE-2009-0186	URL:http://secunia.com/advisories/34642	View
408479	37621	CVE-2009-0186	SECUNIA:34791	View
408480	37621	CVE-2009-0186	URL:http://secunia.com/advisories/34791	View
408481	37621	CVE-2009-0186	VUPEN:ADV-2009-0584	View
408482	37621	CVE-2009-0186	URL:http://www.vupen.com/english/advisories/2009/0584	View
408483	37621	CVE-2009-0186	VUPEN:ADV-2009-0585	View
408484	37621	CVE-2009-0186	URL:http://www.vupen.com/english/advisories/2009/0585	View
408485	37621	CVE-2009-0186	XF:libsndfile-caf-bo(49038)	View

Message	Memory use
Component initialization	1.39 MB
Controller action start	1.49 MB
Controller render start	2.30 MB
View render complete	2.76 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	6.71
Event: Controller.initialize	0.02
Event: Controller.startup	0.06
Controller action	408.75
Event: Controller.beforeRender	5.41
» Processing toolbar data	5.33
Rendering View	11.13
» Event: View.beforeRender	0.02
» Rendering APP/View/Cveinfos/view.ctp	10.25
» Event: View.afterRender	0.02
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	0.47
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	0.08
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/cveinfos/view/37621
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/cveinfos/view/37621
Remote Port	12284
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.154
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.1.14.45
Http Via	1.1 squid-proxy-5b5d847c96-mw4wx (squid/6.10)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Suspectharddos	1
Suspectdos	1
X Dostranslated Ip	216.73.216.154
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.154
Unique Id	aJJJwGpSCvfuXQifWSIXdgAAAOw
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Suspectharddos	1
Redirect Suspectdos	1
Redirect X Dostranslated Ip	216.73.216.154
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.154
Redirect Unique Id	aJJJwGpSCvfuXQifWSIXdgAAAOw
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect Suspectharddos	1
Redirect Redirect Suspectdos	1
Redirect Redirect X Dostranslated Ip	216.73.216.154
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.154
Redirect Redirect Unique Id	aJJJwGpSCvfuXQifWSIXdgAAAOw
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1754417600.9478
Request Time	1754417600

CVE

Actions

Related CVE References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files