Search criteria
183 vulnerabilities found for winamp by nullsoft
FKIE_CVE-2014-3442
Vulnerability from fkie_nvd - Published: 2014-05-23 14:55 - Updated: 2025-04-12 10:46
Severity ?
Summary
Winamp 5.666 and earlier allows remote attackers to cause a denial of service (memory corruption and crash) via a malformed .FLV file, related to f263.w5s.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nullsoft:winamp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "39B1A82E-E023-445B-AB23-C60F99CAD2EB",
"versionEndIncluding": "5.666",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "13EFF2D1-D88F-436F-8E82-EAE681DE7AA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.01:*:*:*:*:*:*:*",
"matchCriteriaId": "828226F9-29AA-437F-8385-B75A6F4F3B5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.02:*:*:*:*:*:*:*",
"matchCriteriaId": "BAD7DE0D-1018-4E04-A771-B2C619E95C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "798885D9-B518-4C10-81B9-32AEB512C14D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6E5EF1ED-9AA1-41D0-8781-619F8F50F4FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.03:*:*:*:*:*:*:*",
"matchCriteriaId": "35D38D15-3588-49E4-9396-11DB96FBD448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.04:*:*:*:*:*:*:*",
"matchCriteriaId": "ED120987-6F27-4D8E-95DF-E19EBCB0B8D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.05:*:*:*:*:*:*:*",
"matchCriteriaId": "7FF40252-7E87-4EE6-B2C7-19E8D78C4025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E02CCF2-2335-4F08-8061-6CFD7C8B265A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.06:*:*:*:*:*:*:*",
"matchCriteriaId": "B48A746C-1020-4A9C-A9D4-94B6FFFA1FDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.07:*:*:*:*:*:*:*",
"matchCriteriaId": "AF272FF7-68ED-4D8B-9C17-D9D46AA33335",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.08c:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FAD29A-6A61-4201-A0E6-1F04BF093600",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.08d:*:*:*:*:*:*:*",
"matchCriteriaId": "07EE09C3-B49C-4D7D-BCD1-2AA2104A271A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.08e:*:*:*:*:*:*:*",
"matchCriteriaId": "6E4497A5-6E95-4CB3-999E-53BF890A23F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.09:*:*:*:*:*:*:*",
"matchCriteriaId": "057B033C-7836-41E0-B184-F9D5DFC42C86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "20168350-2AD1-4AF4-B0AA-4C2EBF616259",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "B39A6931-A3CD-44A7-B170-53B803F321AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.13:*:*:*:*:*:*:*",
"matchCriteriaId": "A651DB07-0A59-41C5-8788-6A3594A5023C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.21:*:*:*:*:*:*:*",
"matchCriteriaId": "199953E2-C5A4-4D7B-9BB4-EF0B1364F117",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.22:*:*:*:*:*:*:*",
"matchCriteriaId": "CE765893-71E4-4945-891C-976B97762CC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.23:*:*:*:*:*:*:*",
"matchCriteriaId": "BEF245AA-7038-4BD4-B2CB-8B0E59200875",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.24:*:*:*:*:*:*:*",
"matchCriteriaId": "2DEF8714-56FC-4D6C-AE87-072ADD7698A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.31:*:*:*:*:*:*:*",
"matchCriteriaId": "E808BCEF-FE45-44D3-B22B-404BC97B89C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.32:*:*:*:*:*:*:*",
"matchCriteriaId": "BA6E29C6-CDC9-4C0B-8D79-8A5A11B563CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.33:*:*:*:*:*:*:*",
"matchCriteriaId": "C14B9D39-BF74-4C69-92BF-DE6E71FDD911",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.34:*:*:*:*:*:*:*",
"matchCriteriaId": "AD83F571-1A58-4159-AC2F-7261F135EF45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.35:*:*:*:*:*:*:*",
"matchCriteriaId": "BB054736-2F91-4EF3-B04F-80403676374F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.36:*:*:*:*:*:*:*",
"matchCriteriaId": "287E954F-6A04-442A-B93E-CDD2ABEB357E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.51:*:*:*:*:*:*:*",
"matchCriteriaId": "8FEE5A4C-770A-458B-AC1A-8F1F99A0951A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.51:beta:*:*:*:*:*:*",
"matchCriteriaId": "F68A5E59-389B-4308-9D41-D665680EEC52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.52:*:*:*:*:*:*:*",
"matchCriteriaId": "B58E9493-556E-4085-B337-AE211A28DA6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.53:*:*:*:*:*:*:*",
"matchCriteriaId": "4C4F66E7-7F61-4F59-9213-21598A3DFD50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.54:*:*:*:*:*:*:*",
"matchCriteriaId": "1C6E95D5-D855-4CD4-B44B-66FF029EC823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.54:beta:*:*:*:*:*:*",
"matchCriteriaId": "402F8767-1788-48BB-BCBE-E9E6B5F40396",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.55:*:*:*:*:*:*:*",
"matchCriteriaId": "218E9850-70F5-4579-9549-47DD16ECD2B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.55:beta:*:*:*:*:*:*",
"matchCriteriaId": "147C01F2-11E0-495A-916E-7C66D8CF4104",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.56:*:*:*:*:*:*:*",
"matchCriteriaId": "8DB36DD4-0F68-4A47-80D3-F326169BC2FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.57:*:*:*:*:*:*:*",
"matchCriteriaId": "E23370CB-AA61-4C6A-A742-1DC2050926A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.58:*:*:*:*:*:*:*",
"matchCriteriaId": "88B4B254-A4B1-4B3D-9FD6-5E0C4C3E7678",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.59:beta:*:*:*:*:*:*",
"matchCriteriaId": "F779958C-39AA-4AE8-895B-0BC1FA5401E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.61:*:*:*:*:*:*:*",
"matchCriteriaId": "BFE65516-EA95-4DAE-93F5-FE19FFD9F04D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.63:*:*:*:*:*:*:*",
"matchCriteriaId": "85F963C3-2D9B-41BC-8D80-15C1327880EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.091:*:*:*:*:*:*:*",
"matchCriteriaId": "6C6A1F15-A3FA-40FB-980A-569F77E1D104",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.093:*:*:*:*:*:*:*",
"matchCriteriaId": "684ABC3F-57CB-490B-ADCB-501E0D234E16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.094:*:*:*:*:*:*:*",
"matchCriteriaId": "3BB30030-A195-4626-AAED-D421454D911D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.111:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB3FCB9-6CF4-4513-9FB9-D01C58079060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.112:*:*:*:*:*:*:*",
"matchCriteriaId": "913962D9-84AA-4474-800E-5DABF37D52A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.531:*:*:*:*:*:*:*",
"matchCriteriaId": "35698C89-EACF-4ABF-BA67-AF59B8BD2928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.541:*:*:*:*:*:*:*",
"matchCriteriaId": "951898A7-A060-4853-8C4E-99927794C0FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.551:*:*:*:*:*:*:*",
"matchCriteriaId": "AEB33D5A-C2A0-4526-8774-89BA4C079533",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.552:*:*:*:*:*:*:*",
"matchCriteriaId": "5DA20F35-AC57-4B5B-9EF1-8A4393BD1B33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.572:*:*:*:*:*:*:*",
"matchCriteriaId": "2D58D69A-8179-400C-8118-866FB1729DD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.581:*:*:*:*:*:*:*",
"matchCriteriaId": "3C841E22-820E-40F6-864D-ED4485180F7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.623:*:*:*:*:*:*:*",
"matchCriteriaId": "C5CFCAE4-62A4-4447-BBB9-775DB8FAD662",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Winamp 5.666 and earlier allows remote attackers to cause a denial of service (memory corruption and crash) via a malformed .FLV file, related to f263.w5s."
},
{
"lang": "es",
"value": "Winamp 5.666 y anteriores permite a atacantes remotos causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y ca\u00edda) a trav\u00e9s de un archivo .FLV malformado, relacionado con f263.w5s."
}
],
"id": "CVE-2014-3442",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-05-23T14:55:11.553",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.com/files/126636"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/67429"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93173"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.com/files/126636"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/67429"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93173"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2013-4694
Vulnerability from fkie_nvd - Published: 2014-04-16 22:55 - Updated: 2025-04-12 10:46
Severity ?
Summary
Stack-based buffer overflow in gen_jumpex.dll in Winamp before 5.64 Build 3418 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a package with a long Skin directory name. NOTE: a second buffer overflow involving a long GUI Search field to ml_local.dll was also reported. However, since it is only exploitable by the user of the application, this issue would not cross privilege boundaries unless Winamp is running under a highly restricted environment such as a kiosk.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nullsoft:winamp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94EFEBF8-7740-4AEF-BE59-59FD6AEF6215",
"versionEndIncluding": "5.63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:0.20a:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C15A30-0EEF-4E58-BF7B-8F9E0814BF7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "32036D60-6151-4607-B181-9E1C30ABAE81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:1.006:*:*:*:*:*:*:*",
"matchCriteriaId": "D38C91F9-8371-4BE5-8ADD-CC38BC7584E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:1.90:*:*:*:*:*:*:*",
"matchCriteriaId": "D0873D86-C669-4FEE-83F1-70B61E1DEE8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CAFFD8E7-A443-4131-9CFB-67AA9739E6E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "32A6660A-1306-44C0-BA92-D57D0F3ADD03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "CE9C4D33-C782-4B10-95C2-050BCD745DF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6E0581F9-9B99-43F6-852E-BD28BB47B169",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.91:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEA7967-D737-4B46-9382-A391DF832219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.92:*:*:*:*:*:*:*",
"matchCriteriaId": "E08D39F3-4FE4-4256-AA33-33C29826B423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.95:*:*:*:*:*:*:*",
"matchCriteriaId": "830610D8-1B42-4560-ABB4-BA79DD145110",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "13EFF2D1-D88F-436F-8E82-EAE681DE7AA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.01:*:*:*:*:*:*:*",
"matchCriteriaId": "828226F9-29AA-437F-8385-B75A6F4F3B5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.1:-:surround:*:*:*:*:*",
"matchCriteriaId": "5256EEBD-E142-4DCA-AC2E-97F20E32E18B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.02:*:*:*:*:*:*:*",
"matchCriteriaId": "BAD7DE0D-1018-4E04-A771-B2C619E95C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "798885D9-B518-4C10-81B9-32AEB512C14D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6E5EF1ED-9AA1-41D0-8781-619F8F50F4FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.03:*:*:*:*:*:*:*",
"matchCriteriaId": "35D38D15-3588-49E4-9396-11DB96FBD448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.04:*:*:*:*:*:*:*",
"matchCriteriaId": "ED120987-6F27-4D8E-95DF-E19EBCB0B8D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.05:*:*:*:*:*:*:*",
"matchCriteriaId": "7FF40252-7E87-4EE6-B2C7-19E8D78C4025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E02CCF2-2335-4F08-8061-6CFD7C8B265A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.06:*:*:*:*:*:*:*",
"matchCriteriaId": "B48A746C-1020-4A9C-A9D4-94B6FFFA1FDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.07:*:*:*:*:*:*:*",
"matchCriteriaId": "AF272FF7-68ED-4D8B-9C17-D9D46AA33335",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.08c:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FAD29A-6A61-4201-A0E6-1F04BF093600",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.08d:*:*:*:*:*:*:*",
"matchCriteriaId": "07EE09C3-B49C-4D7D-BCD1-2AA2104A271A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.08e:*:*:*:*:*:*:*",
"matchCriteriaId": "6E4497A5-6E95-4CB3-999E-53BF890A23F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.09:*:*:*:*:*:*:*",
"matchCriteriaId": "057B033C-7836-41E0-B184-F9D5DFC42C86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "20168350-2AD1-4AF4-B0AA-4C2EBF616259",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "B39A6931-A3CD-44A7-B170-53B803F321AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.13:*:*:*:*:*:*:*",
"matchCriteriaId": "A651DB07-0A59-41C5-8788-6A3594A5023C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.21:*:*:*:*:*:*:*",
"matchCriteriaId": "199953E2-C5A4-4D7B-9BB4-EF0B1364F117",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.22:*:*:*:*:*:*:*",
"matchCriteriaId": "CE765893-71E4-4945-891C-976B97762CC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.23:*:*:*:*:*:*:*",
"matchCriteriaId": "BEF245AA-7038-4BD4-B2CB-8B0E59200875",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.24:*:*:*:*:*:*:*",
"matchCriteriaId": "2DEF8714-56FC-4D6C-AE87-072ADD7698A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.31:*:*:*:*:*:*:*",
"matchCriteriaId": "E808BCEF-FE45-44D3-B22B-404BC97B89C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.32:*:*:*:*:*:*:*",
"matchCriteriaId": "BA6E29C6-CDC9-4C0B-8D79-8A5A11B563CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.33:*:*:*:*:*:*:*",
"matchCriteriaId": "C14B9D39-BF74-4C69-92BF-DE6E71FDD911",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.34:*:*:*:*:*:*:*",
"matchCriteriaId": "AD83F571-1A58-4159-AC2F-7261F135EF45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.35:*:*:*:*:*:*:*",
"matchCriteriaId": "BB054736-2F91-4EF3-B04F-80403676374F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.36:*:*:*:*:*:*:*",
"matchCriteriaId": "287E954F-6A04-442A-B93E-CDD2ABEB357E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.51:*:*:*:*:*:*:*",
"matchCriteriaId": "8FEE5A4C-770A-458B-AC1A-8F1F99A0951A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.51:beta:*:*:*:*:*:*",
"matchCriteriaId": "F68A5E59-389B-4308-9D41-D665680EEC52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.52:*:*:*:*:*:*:*",
"matchCriteriaId": "B58E9493-556E-4085-B337-AE211A28DA6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.53:*:*:*:*:*:*:*",
"matchCriteriaId": "4C4F66E7-7F61-4F59-9213-21598A3DFD50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.54:*:*:*:*:*:*:*",
"matchCriteriaId": "1C6E95D5-D855-4CD4-B44B-66FF029EC823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.54:beta:*:*:*:*:*:*",
"matchCriteriaId": "402F8767-1788-48BB-BCBE-E9E6B5F40396",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.55:*:*:*:*:*:*:*",
"matchCriteriaId": "218E9850-70F5-4579-9549-47DD16ECD2B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.55:beta:*:*:*:*:*:*",
"matchCriteriaId": "147C01F2-11E0-495A-916E-7C66D8CF4104",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.56:*:*:*:*:*:*:*",
"matchCriteriaId": "8DB36DD4-0F68-4A47-80D3-F326169BC2FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.57:*:*:*:*:*:*:*",
"matchCriteriaId": "E23370CB-AA61-4C6A-A742-1DC2050926A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.58:*:*:*:*:*:*:*",
"matchCriteriaId": "88B4B254-A4B1-4B3D-9FD6-5E0C4C3E7678",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.59:beta:*:*:*:*:*:*",
"matchCriteriaId": "F779958C-39AA-4AE8-895B-0BC1FA5401E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.61:*:*:*:*:*:*:*",
"matchCriteriaId": "BFE65516-EA95-4DAE-93F5-FE19FFD9F04D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.091:*:*:*:*:*:*:*",
"matchCriteriaId": "6C6A1F15-A3FA-40FB-980A-569F77E1D104",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.093:*:*:*:*:*:*:*",
"matchCriteriaId": "684ABC3F-57CB-490B-ADCB-501E0D234E16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.094:*:*:*:*:*:*:*",
"matchCriteriaId": "3BB30030-A195-4626-AAED-D421454D911D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.111:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB3FCB9-6CF4-4513-9FB9-D01C58079060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.112:*:*:*:*:*:*:*",
"matchCriteriaId": "913962D9-84AA-4474-800E-5DABF37D52A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.531:*:*:*:*:*:*:*",
"matchCriteriaId": "35698C89-EACF-4ABF-BA67-AF59B8BD2928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.541:*:*:*:*:*:*:*",
"matchCriteriaId": "951898A7-A060-4853-8C4E-99927794C0FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.551:*:*:*:*:*:*:*",
"matchCriteriaId": "AEB33D5A-C2A0-4526-8774-89BA4C079533",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.552:*:*:*:*:*:*:*",
"matchCriteriaId": "5DA20F35-AC57-4B5B-9EF1-8A4393BD1B33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.572:*:*:*:*:*:*:*",
"matchCriteriaId": "2D58D69A-8179-400C-8118-866FB1729DD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.581:*:*:*:*:*:*:*",
"matchCriteriaId": "3C841E22-820E-40F6-864D-ED4485180F7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.623:*:*:*:*:*:*:*",
"matchCriteriaId": "C5CFCAE4-62A4-4447-BBB9-775DB8FAD662",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in gen_jumpex.dll in Winamp before 5.64 Build 3418 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a package with a long Skin directory name. NOTE: a second buffer overflow involving a long GUI Search field to ml_local.dll was also reported. However, since it is only exploitable by the user of the application, this issue would not cross privilege boundaries unless Winamp is running under a highly restricted environment such as a kiosk."
},
{
"lang": "es",
"value": "Desbordamiento de buffer basado en pila en gen_jumpex.dll en Winamp anterior a 5.64 Build 3418 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) y posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de un paquete con un nombre de directorio Skin largo. NOTA: un segundo desbordamiento de buffer involucrando un campo de b\u00fasqueda GUI largo hacia ml_local.dll fue tambi\u00e9n reportado. Sin embargo, como solo es explotable por el usuario de la aplicaci\u00f3n, este problema no cruzar\u00eda l\u00edmites de privilegio a no ser que Winamp est\u00e1 funcionando bajo un entorno altamente restringido como un kiosk."
}
],
"id": "CVE-2013-4694",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-04-16T22:55:06.137",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://forums.winamp.com/showthread.php?t=364291"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/94739"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/94740"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.com/files/122239/WinAmp-5.63-Buffer-Overflow.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.com/files/122978"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://seclists.org/fulldisclosure/2013/Jul/4"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/26558"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/60883"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1030107"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85399"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://www.rcesecurity.com/2013/07/winamp-v5-64-fixes-several-code-execution-vulnerabilities-cve-2013-4694-cve-2013-4695"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://forums.winamp.com/showthread.php?t=364291"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/94739"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/94740"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.com/files/122239/WinAmp-5.63-Buffer-Overflow.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.com/files/122978"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://seclists.org/fulldisclosure/2013/Jul/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/26558"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/60883"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1030107"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85399"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://www.rcesecurity.com/2013/07/winamp-v5-64-fixes-several-code-execution-vulnerabilities-cve-2013-4694-cve-2013-4695"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2012-4045
Vulnerability from fkie_nvd - Published: 2012-07-22 17:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Multiple heap-based buffer overflows in bmp.w5s in Winamp before 5.63 build 3235 allow remote attackers to execute arbitrary code via the (1) strf chunk in BI_RGB or (2) UYVY video data in an AVI file, or (3) decompressed TechSmith Screen Capture Codec (TSCC) data in an AVI file.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nullsoft:winamp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94EFEBF8-7740-4AEF-BE59-59FD6AEF6215",
"versionEndIncluding": "5.63",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple heap-based buffer overflows in bmp.w5s in Winamp before 5.63 build 3235 allow remote attackers to execute arbitrary code via the (1) strf chunk in BI_RGB or (2) UYVY video data in an AVI file, or (3) decompressed TechSmith Screen Capture Codec (TSCC) data in an AVI file."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de bufer basado en bmp.w5s en Winamp v5.63 anterior a build 3235, permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de la porci\u00f3n (1) STRF en BI_RGB o (2) los datos de v\u00eddeo UYVY en un archivo AVI, o (3) descomprime TechSmith captura de Pantalla Codec (TSCC) de datos en un archivo AVI."
}
],
"id": "CVE-2012-4045",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-07-22T17:55:03.337",
"references": [
{
"source": "cve@mitre.org",
"url": "http://forums.winamp.com/showthread.php?t=345684"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/46624"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/54131"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15335"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://forums.winamp.com/showthread.php?t=345684"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/46624"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/54131"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15335"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2012-3890
Vulnerability from fkie_nvd - Published: 2012-07-11 10:26 - Updated: 2025-04-11 00:51
Severity ?
Summary
The in_mod plugin in Winamp before 5.63 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a .IT file.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nullsoft:winamp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF0D19B1-CBD0-426A-B818-6E47D74AC195",
"versionEndIncluding": "5.623",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:0.20a:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C15A30-0EEF-4E58-BF7B-8F9E0814BF7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "32036D60-6151-4607-B181-9E1C30ABAE81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:1.006:*:*:*:*:*:*:*",
"matchCriteriaId": "D38C91F9-8371-4BE5-8ADD-CC38BC7584E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:1.90:*:*:*:*:*:*:*",
"matchCriteriaId": "D0873D86-C669-4FEE-83F1-70B61E1DEE8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CAFFD8E7-A443-4131-9CFB-67AA9739E6E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "32A6660A-1306-44C0-BA92-D57D0F3ADD03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "CE9C4D33-C782-4B10-95C2-050BCD745DF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6E0581F9-9B99-43F6-852E-BD28BB47B169",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.91:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEA7967-D737-4B46-9382-A391DF832219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.92:*:*:*:*:*:*:*",
"matchCriteriaId": "E08D39F3-4FE4-4256-AA33-33C29826B423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.95:*:*:*:*:*:*:*",
"matchCriteriaId": "830610D8-1B42-4560-ABB4-BA79DD145110",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "13EFF2D1-D88F-436F-8E82-EAE681DE7AA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.01:*:*:*:*:*:*:*",
"matchCriteriaId": "828226F9-29AA-437F-8385-B75A6F4F3B5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.1:-:surround:*:*:*:*:*",
"matchCriteriaId": "5256EEBD-E142-4DCA-AC2E-97F20E32E18B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.02:*:*:*:*:*:*:*",
"matchCriteriaId": "BAD7DE0D-1018-4E04-A771-B2C619E95C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "798885D9-B518-4C10-81B9-32AEB512C14D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6E5EF1ED-9AA1-41D0-8781-619F8F50F4FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.03:*:*:*:*:*:*:*",
"matchCriteriaId": "35D38D15-3588-49E4-9396-11DB96FBD448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.04:*:*:*:*:*:*:*",
"matchCriteriaId": "ED120987-6F27-4D8E-95DF-E19EBCB0B8D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.05:*:*:*:*:*:*:*",
"matchCriteriaId": "7FF40252-7E87-4EE6-B2C7-19E8D78C4025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E02CCF2-2335-4F08-8061-6CFD7C8B265A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.06:*:*:*:*:*:*:*",
"matchCriteriaId": "B48A746C-1020-4A9C-A9D4-94B6FFFA1FDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.07:*:*:*:*:*:*:*",
"matchCriteriaId": "AF272FF7-68ED-4D8B-9C17-D9D46AA33335",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.08c:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FAD29A-6A61-4201-A0E6-1F04BF093600",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.08d:*:*:*:*:*:*:*",
"matchCriteriaId": "07EE09C3-B49C-4D7D-BCD1-2AA2104A271A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.08e:*:*:*:*:*:*:*",
"matchCriteriaId": "6E4497A5-6E95-4CB3-999E-53BF890A23F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.09:*:*:*:*:*:*:*",
"matchCriteriaId": "057B033C-7836-41E0-B184-F9D5DFC42C86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "20168350-2AD1-4AF4-B0AA-4C2EBF616259",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "B39A6931-A3CD-44A7-B170-53B803F321AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.13:*:*:*:*:*:*:*",
"matchCriteriaId": "A651DB07-0A59-41C5-8788-6A3594A5023C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.21:*:*:*:*:*:*:*",
"matchCriteriaId": "199953E2-C5A4-4D7B-9BB4-EF0B1364F117",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.22:*:*:*:*:*:*:*",
"matchCriteriaId": "CE765893-71E4-4945-891C-976B97762CC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.23:*:*:*:*:*:*:*",
"matchCriteriaId": "BEF245AA-7038-4BD4-B2CB-8B0E59200875",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.24:*:*:*:*:*:*:*",
"matchCriteriaId": "2DEF8714-56FC-4D6C-AE87-072ADD7698A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.31:*:*:*:*:*:*:*",
"matchCriteriaId": "E808BCEF-FE45-44D3-B22B-404BC97B89C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.32:*:*:*:*:*:*:*",
"matchCriteriaId": "BA6E29C6-CDC9-4C0B-8D79-8A5A11B563CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.33:*:*:*:*:*:*:*",
"matchCriteriaId": "C14B9D39-BF74-4C69-92BF-DE6E71FDD911",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.34:*:*:*:*:*:*:*",
"matchCriteriaId": "AD83F571-1A58-4159-AC2F-7261F135EF45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.35:*:*:*:*:*:*:*",
"matchCriteriaId": "BB054736-2F91-4EF3-B04F-80403676374F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.36:*:*:*:*:*:*:*",
"matchCriteriaId": "287E954F-6A04-442A-B93E-CDD2ABEB357E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.51:*:*:*:*:*:*:*",
"matchCriteriaId": "8FEE5A4C-770A-458B-AC1A-8F1F99A0951A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.51:beta:*:*:*:*:*:*",
"matchCriteriaId": "F68A5E59-389B-4308-9D41-D665680EEC52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.52:*:*:*:*:*:*:*",
"matchCriteriaId": "B58E9493-556E-4085-B337-AE211A28DA6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.53:*:*:*:*:*:*:*",
"matchCriteriaId": "4C4F66E7-7F61-4F59-9213-21598A3DFD50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.54:*:*:*:*:*:*:*",
"matchCriteriaId": "1C6E95D5-D855-4CD4-B44B-66FF029EC823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.54:beta:*:*:*:*:*:*",
"matchCriteriaId": "402F8767-1788-48BB-BCBE-E9E6B5F40396",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.55:*:*:*:*:*:*:*",
"matchCriteriaId": "218E9850-70F5-4579-9549-47DD16ECD2B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.55:beta:*:*:*:*:*:*",
"matchCriteriaId": "147C01F2-11E0-495A-916E-7C66D8CF4104",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.56:*:*:*:*:*:*:*",
"matchCriteriaId": "8DB36DD4-0F68-4A47-80D3-F326169BC2FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.57:*:*:*:*:*:*:*",
"matchCriteriaId": "E23370CB-AA61-4C6A-A742-1DC2050926A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.59:beta:*:*:*:*:*:*",
"matchCriteriaId": "F779958C-39AA-4AE8-895B-0BC1FA5401E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.61:*:*:*:*:*:*:*",
"matchCriteriaId": "BFE65516-EA95-4DAE-93F5-FE19FFD9F04D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.091:*:*:*:*:*:*:*",
"matchCriteriaId": "6C6A1F15-A3FA-40FB-980A-569F77E1D104",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.093:*:*:*:*:*:*:*",
"matchCriteriaId": "684ABC3F-57CB-490B-ADCB-501E0D234E16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.094:*:*:*:*:*:*:*",
"matchCriteriaId": "3BB30030-A195-4626-AAED-D421454D911D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.111:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB3FCB9-6CF4-4513-9FB9-D01C58079060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.112:*:*:*:*:*:*:*",
"matchCriteriaId": "913962D9-84AA-4474-800E-5DABF37D52A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.531:*:*:*:*:*:*:*",
"matchCriteriaId": "35698C89-EACF-4ABF-BA67-AF59B8BD2928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.541:*:*:*:*:*:*:*",
"matchCriteriaId": "951898A7-A060-4853-8C4E-99927794C0FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.572:*:*:*:*:*:*:*",
"matchCriteriaId": "2D58D69A-8179-400C-8118-866FB1729DD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.581:*:*:*:*:*:*:*",
"matchCriteriaId": "3C841E22-820E-40F6-864D-ED4485180F7F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The in_mod plugin in Winamp before 5.63 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a .IT file."
},
{
"lang": "es",
"value": "El plug-in in_mod en Winamp antes de v5.63 permite a atacantes remotos causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria dinamica \u0027heap\u0027) o posiblemente tener un impacto no especificado a trav\u00e9s de un fichero .IT."
}
],
"id": "CVE-2012-3890",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-07-11T10:26:11.907",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://forums.winamp.com/showthread.php?t=345684"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/46624"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/54131"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15553"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://forums.winamp.com/showthread.php?t=345684"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/46624"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/54131"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15553"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2012-3889
Vulnerability from fkie_nvd - Published: 2012-07-11 10:26 - Updated: 2025-04-11 00:51
Severity ?
Summary
The in_mod plugin in Winamp before 5.63 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a .IT file.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nullsoft:winamp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF0D19B1-CBD0-426A-B818-6E47D74AC195",
"versionEndIncluding": "5.623",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:0.20a:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C15A30-0EEF-4E58-BF7B-8F9E0814BF7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "32036D60-6151-4607-B181-9E1C30ABAE81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:1.006:*:*:*:*:*:*:*",
"matchCriteriaId": "D38C91F9-8371-4BE5-8ADD-CC38BC7584E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:1.90:*:*:*:*:*:*:*",
"matchCriteriaId": "D0873D86-C669-4FEE-83F1-70B61E1DEE8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CAFFD8E7-A443-4131-9CFB-67AA9739E6E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "32A6660A-1306-44C0-BA92-D57D0F3ADD03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "CE9C4D33-C782-4B10-95C2-050BCD745DF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6E0581F9-9B99-43F6-852E-BD28BB47B169",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.91:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEA7967-D737-4B46-9382-A391DF832219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.92:*:*:*:*:*:*:*",
"matchCriteriaId": "E08D39F3-4FE4-4256-AA33-33C29826B423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.95:*:*:*:*:*:*:*",
"matchCriteriaId": "830610D8-1B42-4560-ABB4-BA79DD145110",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "13EFF2D1-D88F-436F-8E82-EAE681DE7AA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.01:*:*:*:*:*:*:*",
"matchCriteriaId": "828226F9-29AA-437F-8385-B75A6F4F3B5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.1:-:surround:*:*:*:*:*",
"matchCriteriaId": "5256EEBD-E142-4DCA-AC2E-97F20E32E18B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.02:*:*:*:*:*:*:*",
"matchCriteriaId": "BAD7DE0D-1018-4E04-A771-B2C619E95C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "798885D9-B518-4C10-81B9-32AEB512C14D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6E5EF1ED-9AA1-41D0-8781-619F8F50F4FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.03:*:*:*:*:*:*:*",
"matchCriteriaId": "35D38D15-3588-49E4-9396-11DB96FBD448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.04:*:*:*:*:*:*:*",
"matchCriteriaId": "ED120987-6F27-4D8E-95DF-E19EBCB0B8D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.05:*:*:*:*:*:*:*",
"matchCriteriaId": "7FF40252-7E87-4EE6-B2C7-19E8D78C4025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E02CCF2-2335-4F08-8061-6CFD7C8B265A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.06:*:*:*:*:*:*:*",
"matchCriteriaId": "B48A746C-1020-4A9C-A9D4-94B6FFFA1FDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.07:*:*:*:*:*:*:*",
"matchCriteriaId": "AF272FF7-68ED-4D8B-9C17-D9D46AA33335",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.08c:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FAD29A-6A61-4201-A0E6-1F04BF093600",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.08d:*:*:*:*:*:*:*",
"matchCriteriaId": "07EE09C3-B49C-4D7D-BCD1-2AA2104A271A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.08e:*:*:*:*:*:*:*",
"matchCriteriaId": "6E4497A5-6E95-4CB3-999E-53BF890A23F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.09:*:*:*:*:*:*:*",
"matchCriteriaId": "057B033C-7836-41E0-B184-F9D5DFC42C86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "20168350-2AD1-4AF4-B0AA-4C2EBF616259",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "B39A6931-A3CD-44A7-B170-53B803F321AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.13:*:*:*:*:*:*:*",
"matchCriteriaId": "A651DB07-0A59-41C5-8788-6A3594A5023C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.21:*:*:*:*:*:*:*",
"matchCriteriaId": "199953E2-C5A4-4D7B-9BB4-EF0B1364F117",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.22:*:*:*:*:*:*:*",
"matchCriteriaId": "CE765893-71E4-4945-891C-976B97762CC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.23:*:*:*:*:*:*:*",
"matchCriteriaId": "BEF245AA-7038-4BD4-B2CB-8B0E59200875",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.24:*:*:*:*:*:*:*",
"matchCriteriaId": "2DEF8714-56FC-4D6C-AE87-072ADD7698A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.31:*:*:*:*:*:*:*",
"matchCriteriaId": "E808BCEF-FE45-44D3-B22B-404BC97B89C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.32:*:*:*:*:*:*:*",
"matchCriteriaId": "BA6E29C6-CDC9-4C0B-8D79-8A5A11B563CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.33:*:*:*:*:*:*:*",
"matchCriteriaId": "C14B9D39-BF74-4C69-92BF-DE6E71FDD911",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.34:*:*:*:*:*:*:*",
"matchCriteriaId": "AD83F571-1A58-4159-AC2F-7261F135EF45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.35:*:*:*:*:*:*:*",
"matchCriteriaId": "BB054736-2F91-4EF3-B04F-80403676374F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.36:*:*:*:*:*:*:*",
"matchCriteriaId": "287E954F-6A04-442A-B93E-CDD2ABEB357E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.51:*:*:*:*:*:*:*",
"matchCriteriaId": "8FEE5A4C-770A-458B-AC1A-8F1F99A0951A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.51:beta:*:*:*:*:*:*",
"matchCriteriaId": "F68A5E59-389B-4308-9D41-D665680EEC52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.52:*:*:*:*:*:*:*",
"matchCriteriaId": "B58E9493-556E-4085-B337-AE211A28DA6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.53:*:*:*:*:*:*:*",
"matchCriteriaId": "4C4F66E7-7F61-4F59-9213-21598A3DFD50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.54:*:*:*:*:*:*:*",
"matchCriteriaId": "1C6E95D5-D855-4CD4-B44B-66FF029EC823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.54:beta:*:*:*:*:*:*",
"matchCriteriaId": "402F8767-1788-48BB-BCBE-E9E6B5F40396",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.55:*:*:*:*:*:*:*",
"matchCriteriaId": "218E9850-70F5-4579-9549-47DD16ECD2B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.55:beta:*:*:*:*:*:*",
"matchCriteriaId": "147C01F2-11E0-495A-916E-7C66D8CF4104",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.56:*:*:*:*:*:*:*",
"matchCriteriaId": "8DB36DD4-0F68-4A47-80D3-F326169BC2FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.57:*:*:*:*:*:*:*",
"matchCriteriaId": "E23370CB-AA61-4C6A-A742-1DC2050926A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.59:beta:*:*:*:*:*:*",
"matchCriteriaId": "F779958C-39AA-4AE8-895B-0BC1FA5401E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.61:*:*:*:*:*:*:*",
"matchCriteriaId": "BFE65516-EA95-4DAE-93F5-FE19FFD9F04D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.091:*:*:*:*:*:*:*",
"matchCriteriaId": "6C6A1F15-A3FA-40FB-980A-569F77E1D104",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.093:*:*:*:*:*:*:*",
"matchCriteriaId": "684ABC3F-57CB-490B-ADCB-501E0D234E16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.094:*:*:*:*:*:*:*",
"matchCriteriaId": "3BB30030-A195-4626-AAED-D421454D911D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.111:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB3FCB9-6CF4-4513-9FB9-D01C58079060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.112:*:*:*:*:*:*:*",
"matchCriteriaId": "913962D9-84AA-4474-800E-5DABF37D52A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.531:*:*:*:*:*:*:*",
"matchCriteriaId": "35698C89-EACF-4ABF-BA67-AF59B8BD2928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.541:*:*:*:*:*:*:*",
"matchCriteriaId": "951898A7-A060-4853-8C4E-99927794C0FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.572:*:*:*:*:*:*:*",
"matchCriteriaId": "2D58D69A-8179-400C-8118-866FB1729DD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.581:*:*:*:*:*:*:*",
"matchCriteriaId": "3C841E22-820E-40F6-864D-ED4485180F7F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The in_mod plugin in Winamp before 5.63 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a .IT file."
},
{
"lang": "es",
"value": "El plug-in in_mod de Winamp antes de v5.63 permite a atacantes remotos causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) o posiblemente tener otro impacto no especificado a trav\u00e9s de un fichero .IT."
}
],
"id": "CVE-2012-3889",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-07-11T10:26:11.860",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://forums.winamp.com/showthread.php?t=345684"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/46624"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/54131"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14748"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://forums.winamp.com/showthread.php?t=345684"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/46624"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/54131"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14748"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2011-4857
Vulnerability from fkie_nvd - Published: 2011-12-16 19:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Heap-based buffer overflow in the in_mod.dll plugin in Winamp before 5.623 allows remote attackers to execute arbitrary code via crafted song message data in an Impulse Tracker (IT) file. NOTE: some of these details are obtained from third party information.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nullsoft:winamp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E7C8DF0F-15D3-46EE-8665-D7FADF42A362",
"versionEndIncluding": "5.622",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:0.20a:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C15A30-0EEF-4E58-BF7B-8F9E0814BF7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "32036D60-6151-4607-B181-9E1C30ABAE81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:1.006:*:*:*:*:*:*:*",
"matchCriteriaId": "D38C91F9-8371-4BE5-8ADD-CC38BC7584E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:1.90:*:*:*:*:*:*:*",
"matchCriteriaId": "D0873D86-C669-4FEE-83F1-70B61E1DEE8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CAFFD8E7-A443-4131-9CFB-67AA9739E6E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "32A6660A-1306-44C0-BA92-D57D0F3ADD03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "CE9C4D33-C782-4B10-95C2-050BCD745DF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6E0581F9-9B99-43F6-852E-BD28BB47B169",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.91:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEA7967-D737-4B46-9382-A391DF832219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.92:*:*:*:*:*:*:*",
"matchCriteriaId": "E08D39F3-4FE4-4256-AA33-33C29826B423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.95:*:*:*:*:*:*:*",
"matchCriteriaId": "830610D8-1B42-4560-ABB4-BA79DD145110",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "13EFF2D1-D88F-436F-8E82-EAE681DE7AA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.01:*:*:*:*:*:*:*",
"matchCriteriaId": "828226F9-29AA-437F-8385-B75A6F4F3B5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.1:-:surround:*:*:*:*:*",
"matchCriteriaId": "5256EEBD-E142-4DCA-AC2E-97F20E32E18B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.02:*:*:*:*:*:*:*",
"matchCriteriaId": "BAD7DE0D-1018-4E04-A771-B2C619E95C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "798885D9-B518-4C10-81B9-32AEB512C14D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6E5EF1ED-9AA1-41D0-8781-619F8F50F4FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.03:*:*:*:*:*:*:*",
"matchCriteriaId": "35D38D15-3588-49E4-9396-11DB96FBD448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.04:*:*:*:*:*:*:*",
"matchCriteriaId": "ED120987-6F27-4D8E-95DF-E19EBCB0B8D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.05:*:*:*:*:*:*:*",
"matchCriteriaId": "7FF40252-7E87-4EE6-B2C7-19E8D78C4025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E02CCF2-2335-4F08-8061-6CFD7C8B265A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "202377E4-E8A7-494B-B0A1-DAED56E34401",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.06:*:*:*:*:*:*:*",
"matchCriteriaId": "B48A746C-1020-4A9C-A9D4-94B6FFFA1FDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.07:*:*:*:*:*:*:*",
"matchCriteriaId": "AF272FF7-68ED-4D8B-9C17-D9D46AA33335",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.08c:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FAD29A-6A61-4201-A0E6-1F04BF093600",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.08d:*:*:*:*:*:*:*",
"matchCriteriaId": "07EE09C3-B49C-4D7D-BCD1-2AA2104A271A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.08e:*:*:*:*:*:*:*",
"matchCriteriaId": "6E4497A5-6E95-4CB3-999E-53BF890A23F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.09:*:*:*:*:*:*:*",
"matchCriteriaId": "057B033C-7836-41E0-B184-F9D5DFC42C86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "20168350-2AD1-4AF4-B0AA-4C2EBF616259",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "B39A6931-A3CD-44A7-B170-53B803F321AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.13:*:*:*:*:*:*:*",
"matchCriteriaId": "A651DB07-0A59-41C5-8788-6A3594A5023C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.21:*:*:*:*:*:*:*",
"matchCriteriaId": "199953E2-C5A4-4D7B-9BB4-EF0B1364F117",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.22:*:*:*:*:*:*:*",
"matchCriteriaId": "CE765893-71E4-4945-891C-976B97762CC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.23:*:*:*:*:*:*:*",
"matchCriteriaId": "BEF245AA-7038-4BD4-B2CB-8B0E59200875",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.24:*:*:*:*:*:*:*",
"matchCriteriaId": "2DEF8714-56FC-4D6C-AE87-072ADD7698A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.31:*:*:*:*:*:*:*",
"matchCriteriaId": "E808BCEF-FE45-44D3-B22B-404BC97B89C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.32:*:*:*:*:*:*:*",
"matchCriteriaId": "BA6E29C6-CDC9-4C0B-8D79-8A5A11B563CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.33:*:*:*:*:*:*:*",
"matchCriteriaId": "C14B9D39-BF74-4C69-92BF-DE6E71FDD911",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.34:*:*:*:*:*:*:*",
"matchCriteriaId": "AD83F571-1A58-4159-AC2F-7261F135EF45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.35:*:*:*:*:*:*:*",
"matchCriteriaId": "BB054736-2F91-4EF3-B04F-80403676374F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.51:*:*:*:*:*:*:*",
"matchCriteriaId": "8FEE5A4C-770A-458B-AC1A-8F1F99A0951A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.52:*:*:*:*:*:*:*",
"matchCriteriaId": "B58E9493-556E-4085-B337-AE211A28DA6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.53:*:*:*:*:*:*:*",
"matchCriteriaId": "4C4F66E7-7F61-4F59-9213-21598A3DFD50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.54:*:*:*:*:*:*:*",
"matchCriteriaId": "1C6E95D5-D855-4CD4-B44B-66FF029EC823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.55:*:*:*:*:*:*:*",
"matchCriteriaId": "218E9850-70F5-4579-9549-47DD16ECD2B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.56:*:*:*:*:*:*:*",
"matchCriteriaId": "8DB36DD4-0F68-4A47-80D3-F326169BC2FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.57:*:*:*:*:*:*:*",
"matchCriteriaId": "E23370CB-AA61-4C6A-A742-1DC2050926A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.58:*:*:*:*:*:*:*",
"matchCriteriaId": "88B4B254-A4B1-4B3D-9FD6-5E0C4C3E7678",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.091:*:*:*:*:*:*:*",
"matchCriteriaId": "6C6A1F15-A3FA-40FB-980A-569F77E1D104",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.093:*:*:*:*:*:*:*",
"matchCriteriaId": "684ABC3F-57CB-490B-ADCB-501E0D234E16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.094:*:*:*:*:*:*:*",
"matchCriteriaId": "3BB30030-A195-4626-AAED-D421454D911D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.111:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB3FCB9-6CF4-4513-9FB9-D01C58079060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.112:*:*:*:*:*:*:*",
"matchCriteriaId": "913962D9-84AA-4474-800E-5DABF37D52A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.531:*:*:*:*:*:*:*",
"matchCriteriaId": "35698C89-EACF-4ABF-BA67-AF59B8BD2928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.541:*:*:*:*:*:*:*",
"matchCriteriaId": "951898A7-A060-4853-8C4E-99927794C0FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.551:*:*:*:*:*:*:*",
"matchCriteriaId": "AEB33D5A-C2A0-4526-8774-89BA4C079533",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.552:*:*:*:*:*:*:*",
"matchCriteriaId": "5DA20F35-AC57-4B5B-9EF1-8A4393BD1B33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.572:*:*:*:*:*:*:*",
"matchCriteriaId": "2D58D69A-8179-400C-8118-866FB1729DD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.581:*:*:*:*:*:*:*",
"matchCriteriaId": "3C841E22-820E-40F6-864D-ED4485180F7F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the in_mod.dll plugin in Winamp before 5.623 allows remote attackers to execute arbitrary code via crafted song message data in an Impulse Tracker (IT) file. NOTE: some of these details are obtained from third party information."
},
{
"lang": "es",
"value": "Desbordamiento de buffer de memoria din\u00e1mica en el complemento in_mod.dll de Winamp en versiones anteriores a la 5.623 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de datos de canciones modificados de un archivo Impulse Tracker (IT). NOTA: algunos de estos detalles han sido obtenidos de informaci\u00f3n de terceras partes."
}
],
"id": "CVE-2011-4857",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-12-16T19:55:01.033",
"references": [
{
"source": "cve@mitre.org",
"url": "http://forums.winamp.com/showthread.php?t=332010"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/46882"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72054"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15351"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://forums.winamp.com/showthread.php?t=332010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/46882"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72054"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15351"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2011-3834
Vulnerability from fkie_nvd - Published: 2011-12-16 19:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Multiple integer overflows in the in_avi.dll plugin in Winamp before 5.623 allow remote attackers to execute arbitrary code via an AVI file with a crafted value for (1) the number of streams or (2) the size of the RIFF INFO chunk, leading to a heap-based buffer overflow.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nullsoft:winamp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E7C8DF0F-15D3-46EE-8665-D7FADF42A362",
"versionEndIncluding": "5.622",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:0.20a:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C15A30-0EEF-4E58-BF7B-8F9E0814BF7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "32036D60-6151-4607-B181-9E1C30ABAE81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:1.006:*:*:*:*:*:*:*",
"matchCriteriaId": "D38C91F9-8371-4BE5-8ADD-CC38BC7584E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:1.90:*:*:*:*:*:*:*",
"matchCriteriaId": "D0873D86-C669-4FEE-83F1-70B61E1DEE8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CAFFD8E7-A443-4131-9CFB-67AA9739E6E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "32A6660A-1306-44C0-BA92-D57D0F3ADD03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "CE9C4D33-C782-4B10-95C2-050BCD745DF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6E0581F9-9B99-43F6-852E-BD28BB47B169",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.91:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEA7967-D737-4B46-9382-A391DF832219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.92:*:*:*:*:*:*:*",
"matchCriteriaId": "E08D39F3-4FE4-4256-AA33-33C29826B423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.95:*:*:*:*:*:*:*",
"matchCriteriaId": "830610D8-1B42-4560-ABB4-BA79DD145110",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "13EFF2D1-D88F-436F-8E82-EAE681DE7AA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.01:*:*:*:*:*:*:*",
"matchCriteriaId": "828226F9-29AA-437F-8385-B75A6F4F3B5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.1:-:surround:*:*:*:*:*",
"matchCriteriaId": "5256EEBD-E142-4DCA-AC2E-97F20E32E18B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.02:*:*:*:*:*:*:*",
"matchCriteriaId": "BAD7DE0D-1018-4E04-A771-B2C619E95C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "798885D9-B518-4C10-81B9-32AEB512C14D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6E5EF1ED-9AA1-41D0-8781-619F8F50F4FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.03:*:*:*:*:*:*:*",
"matchCriteriaId": "35D38D15-3588-49E4-9396-11DB96FBD448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.04:*:*:*:*:*:*:*",
"matchCriteriaId": "ED120987-6F27-4D8E-95DF-E19EBCB0B8D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.05:*:*:*:*:*:*:*",
"matchCriteriaId": "7FF40252-7E87-4EE6-B2C7-19E8D78C4025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E02CCF2-2335-4F08-8061-6CFD7C8B265A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "202377E4-E8A7-494B-B0A1-DAED56E34401",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.06:*:*:*:*:*:*:*",
"matchCriteriaId": "B48A746C-1020-4A9C-A9D4-94B6FFFA1FDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.07:*:*:*:*:*:*:*",
"matchCriteriaId": "AF272FF7-68ED-4D8B-9C17-D9D46AA33335",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.08c:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FAD29A-6A61-4201-A0E6-1F04BF093600",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.08d:*:*:*:*:*:*:*",
"matchCriteriaId": "07EE09C3-B49C-4D7D-BCD1-2AA2104A271A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.08e:*:*:*:*:*:*:*",
"matchCriteriaId": "6E4497A5-6E95-4CB3-999E-53BF890A23F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.09:*:*:*:*:*:*:*",
"matchCriteriaId": "057B033C-7836-41E0-B184-F9D5DFC42C86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "20168350-2AD1-4AF4-B0AA-4C2EBF616259",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "B39A6931-A3CD-44A7-B170-53B803F321AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.13:*:*:*:*:*:*:*",
"matchCriteriaId": "A651DB07-0A59-41C5-8788-6A3594A5023C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.21:*:*:*:*:*:*:*",
"matchCriteriaId": "199953E2-C5A4-4D7B-9BB4-EF0B1364F117",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.22:*:*:*:*:*:*:*",
"matchCriteriaId": "CE765893-71E4-4945-891C-976B97762CC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.23:*:*:*:*:*:*:*",
"matchCriteriaId": "BEF245AA-7038-4BD4-B2CB-8B0E59200875",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.24:*:*:*:*:*:*:*",
"matchCriteriaId": "2DEF8714-56FC-4D6C-AE87-072ADD7698A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.31:*:*:*:*:*:*:*",
"matchCriteriaId": "E808BCEF-FE45-44D3-B22B-404BC97B89C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.32:*:*:*:*:*:*:*",
"matchCriteriaId": "BA6E29C6-CDC9-4C0B-8D79-8A5A11B563CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.33:*:*:*:*:*:*:*",
"matchCriteriaId": "C14B9D39-BF74-4C69-92BF-DE6E71FDD911",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.34:*:*:*:*:*:*:*",
"matchCriteriaId": "AD83F571-1A58-4159-AC2F-7261F135EF45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.35:*:*:*:*:*:*:*",
"matchCriteriaId": "BB054736-2F91-4EF3-B04F-80403676374F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.51:*:*:*:*:*:*:*",
"matchCriteriaId": "8FEE5A4C-770A-458B-AC1A-8F1F99A0951A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.52:*:*:*:*:*:*:*",
"matchCriteriaId": "B58E9493-556E-4085-B337-AE211A28DA6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.53:*:*:*:*:*:*:*",
"matchCriteriaId": "4C4F66E7-7F61-4F59-9213-21598A3DFD50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.54:*:*:*:*:*:*:*",
"matchCriteriaId": "1C6E95D5-D855-4CD4-B44B-66FF029EC823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.55:*:*:*:*:*:*:*",
"matchCriteriaId": "218E9850-70F5-4579-9549-47DD16ECD2B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.56:*:*:*:*:*:*:*",
"matchCriteriaId": "8DB36DD4-0F68-4A47-80D3-F326169BC2FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.57:*:*:*:*:*:*:*",
"matchCriteriaId": "E23370CB-AA61-4C6A-A742-1DC2050926A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.58:*:*:*:*:*:*:*",
"matchCriteriaId": "88B4B254-A4B1-4B3D-9FD6-5E0C4C3E7678",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.091:*:*:*:*:*:*:*",
"matchCriteriaId": "6C6A1F15-A3FA-40FB-980A-569F77E1D104",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.093:*:*:*:*:*:*:*",
"matchCriteriaId": "684ABC3F-57CB-490B-ADCB-501E0D234E16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.094:*:*:*:*:*:*:*",
"matchCriteriaId": "3BB30030-A195-4626-AAED-D421454D911D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.111:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB3FCB9-6CF4-4513-9FB9-D01C58079060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.112:*:*:*:*:*:*:*",
"matchCriteriaId": "913962D9-84AA-4474-800E-5DABF37D52A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.531:*:*:*:*:*:*:*",
"matchCriteriaId": "35698C89-EACF-4ABF-BA67-AF59B8BD2928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.541:*:*:*:*:*:*:*",
"matchCriteriaId": "951898A7-A060-4853-8C4E-99927794C0FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.551:*:*:*:*:*:*:*",
"matchCriteriaId": "AEB33D5A-C2A0-4526-8774-89BA4C079533",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.552:*:*:*:*:*:*:*",
"matchCriteriaId": "5DA20F35-AC57-4B5B-9EF1-8A4393BD1B33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.572:*:*:*:*:*:*:*",
"matchCriteriaId": "2D58D69A-8179-400C-8118-866FB1729DD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.581:*:*:*:*:*:*:*",
"matchCriteriaId": "3C841E22-820E-40F6-864D-ED4485180F7F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in the in_avi.dll plugin in Winamp before 5.623 allow remote attackers to execute arbitrary code via an AVI file with a crafted value for (1) the number of streams or (2) the size of the RIFF INFO chunk, leading to a heap-based buffer overflow."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de entero en el componente in_avi.dll de Winamp en versiones anteriores de 5.623. Permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un archivo AVI con un valor modificado de (1) el n\u00famero de streams o (2) el tama\u00f1o de los conjuntos (\"chunk\") RIFF INFO, provocando un desbordamiento de memoria din\u00e1mica."
}
],
"id": "CVE-2011-3834",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-12-16T19:55:00.923",
"references": [
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://forums.winamp.com/showthread.php?t=332010"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/46882"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2011-81/"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14981"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://forums.winamp.com/showthread.php?t=332010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/46882"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2011-81/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14981"
}
],
"sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2010-4374
Vulnerability from fkie_nvd - Published: 2010-12-02 16:22 - Updated: 2025-04-11 00:51
Severity ?
Summary
The in_mkv plugin in Winamp before 5.6 allows remote attackers to cause a denial of service (application crash) via a Matroska Video (MKV) file containing a string with a crafted length.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nullsoft:winamp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74E7D704-AF80-4CB2-8B1B-7F9A08F07507",
"versionEndIncluding": "5.581",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:0.20a:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C15A30-0EEF-4E58-BF7B-8F9E0814BF7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "32036D60-6151-4607-B181-9E1C30ABAE81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:1.006:*:*:*:*:*:*:*",
"matchCriteriaId": "D38C91F9-8371-4BE5-8ADD-CC38BC7584E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:1.90:*:*:*:*:*:*:*",
"matchCriteriaId": "D0873D86-C669-4FEE-83F1-70B61E1DEE8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CAFFD8E7-A443-4131-9CFB-67AA9739E6E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "32A6660A-1306-44C0-BA92-D57D0F3ADD03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "CE9C4D33-C782-4B10-95C2-050BCD745DF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6E0581F9-9B99-43F6-852E-BD28BB47B169",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.91:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEA7967-D737-4B46-9382-A391DF832219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.92:*:*:*:*:*:*:*",
"matchCriteriaId": "E08D39F3-4FE4-4256-AA33-33C29826B423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.95:*:*:*:*:*:*:*",
"matchCriteriaId": "830610D8-1B42-4560-ABB4-BA79DD145110",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "13EFF2D1-D88F-436F-8E82-EAE681DE7AA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.01:*:*:*:*:*:*:*",
"matchCriteriaId": "828226F9-29AA-437F-8385-B75A6F4F3B5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.1:-:surround:*:*:*:*:*",
"matchCriteriaId": "5256EEBD-E142-4DCA-AC2E-97F20E32E18B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.02:*:*:*:*:*:*:*",
"matchCriteriaId": "BAD7DE0D-1018-4E04-A771-B2C619E95C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "798885D9-B518-4C10-81B9-32AEB512C14D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6E5EF1ED-9AA1-41D0-8781-619F8F50F4FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.03:*:*:*:*:*:*:*",
"matchCriteriaId": "35D38D15-3588-49E4-9396-11DB96FBD448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.04:*:*:*:*:*:*:*",
"matchCriteriaId": "ED120987-6F27-4D8E-95DF-E19EBCB0B8D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.05:*:*:*:*:*:*:*",
"matchCriteriaId": "7FF40252-7E87-4EE6-B2C7-19E8D78C4025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E02CCF2-2335-4F08-8061-6CFD7C8B265A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.06:*:*:*:*:*:*:*",
"matchCriteriaId": "B48A746C-1020-4A9C-A9D4-94B6FFFA1FDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.07:*:*:*:*:*:*:*",
"matchCriteriaId": "AF272FF7-68ED-4D8B-9C17-D9D46AA33335",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.08c:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FAD29A-6A61-4201-A0E6-1F04BF093600",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.08d:*:*:*:*:*:*:*",
"matchCriteriaId": "07EE09C3-B49C-4D7D-BCD1-2AA2104A271A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.08e:*:*:*:*:*:*:*",
"matchCriteriaId": "6E4497A5-6E95-4CB3-999E-53BF890A23F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.09:*:*:*:*:*:*:*",
"matchCriteriaId": "057B033C-7836-41E0-B184-F9D5DFC42C86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "20168350-2AD1-4AF4-B0AA-4C2EBF616259",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "B39A6931-A3CD-44A7-B170-53B803F321AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.13:*:*:*:*:*:*:*",
"matchCriteriaId": "A651DB07-0A59-41C5-8788-6A3594A5023C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.21:*:*:*:*:*:*:*",
"matchCriteriaId": "199953E2-C5A4-4D7B-9BB4-EF0B1364F117",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.22:*:*:*:*:*:*:*",
"matchCriteriaId": "CE765893-71E4-4945-891C-976B97762CC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.23:*:*:*:*:*:*:*",
"matchCriteriaId": "BEF245AA-7038-4BD4-B2CB-8B0E59200875",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.24:*:*:*:*:*:*:*",
"matchCriteriaId": "2DEF8714-56FC-4D6C-AE87-072ADD7698A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.31:*:*:*:*:*:*:*",
"matchCriteriaId": "E808BCEF-FE45-44D3-B22B-404BC97B89C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.32:*:*:*:*:*:*:*",
"matchCriteriaId": "BA6E29C6-CDC9-4C0B-8D79-8A5A11B563CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.33:*:*:*:*:*:*:*",
"matchCriteriaId": "C14B9D39-BF74-4C69-92BF-DE6E71FDD911",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.34:*:*:*:*:*:*:*",
"matchCriteriaId": "AD83F571-1A58-4159-AC2F-7261F135EF45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.35:*:*:*:*:*:*:*",
"matchCriteriaId": "BB054736-2F91-4EF3-B04F-80403676374F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.51:*:*:*:*:*:*:*",
"matchCriteriaId": "8FEE5A4C-770A-458B-AC1A-8F1F99A0951A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.52:*:*:*:*:*:*:*",
"matchCriteriaId": "B58E9493-556E-4085-B337-AE211A28DA6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.53:*:*:*:*:*:*:*",
"matchCriteriaId": "4C4F66E7-7F61-4F59-9213-21598A3DFD50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.54:*:*:*:*:*:*:*",
"matchCriteriaId": "1C6E95D5-D855-4CD4-B44B-66FF029EC823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.55:*:*:*:*:*:*:*",
"matchCriteriaId": "218E9850-70F5-4579-9549-47DD16ECD2B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.56:*:*:*:*:*:*:*",
"matchCriteriaId": "8DB36DD4-0F68-4A47-80D3-F326169BC2FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.58:*:*:*:*:*:*:*",
"matchCriteriaId": "88B4B254-A4B1-4B3D-9FD6-5E0C4C3E7678",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.091:*:*:*:*:*:*:*",
"matchCriteriaId": "6C6A1F15-A3FA-40FB-980A-569F77E1D104",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.093:*:*:*:*:*:*:*",
"matchCriteriaId": "684ABC3F-57CB-490B-ADCB-501E0D234E16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.094:*:*:*:*:*:*:*",
"matchCriteriaId": "3BB30030-A195-4626-AAED-D421454D911D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.111:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB3FCB9-6CF4-4513-9FB9-D01C58079060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.112:*:*:*:*:*:*:*",
"matchCriteriaId": "913962D9-84AA-4474-800E-5DABF37D52A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.531:*:*:*:*:*:*:*",
"matchCriteriaId": "35698C89-EACF-4ABF-BA67-AF59B8BD2928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.541:*:*:*:*:*:*:*",
"matchCriteriaId": "951898A7-A060-4853-8C4E-99927794C0FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.551:*:*:*:*:*:*:*",
"matchCriteriaId": "AEB33D5A-C2A0-4526-8774-89BA4C079533",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.552:*:*:*:*:*:*:*",
"matchCriteriaId": "5DA20F35-AC57-4B5B-9EF1-8A4393BD1B33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.572:*:*:*:*:*:*:*",
"matchCriteriaId": "2D58D69A-8179-400C-8118-866FB1729DD6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The in_mkv plugin in Winamp before 5.6 allows remote attackers to cause a denial of service (application crash) via a Matroska Video (MKV) file containing a string with a crafted length."
},
{
"lang": "es",
"value": "El plug-in in_mkv en Winamp anterior a v5.6 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de un v\u00eddeo Matroska (MKV) que contiene una cadena con una longitud manipulada."
}
],
"id": "CVE-2010-4374",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-12-02T16:22:22.050",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://forums.winamp.com/showthread.php?t=324322"
},
{
"source": "cve@mitre.org",
"url": "http://forums.winamp.com/showthread.php?threadid=159785"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12332"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://forums.winamp.com/showthread.php?t=324322"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://forums.winamp.com/showthread.php?threadid=159785"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12332"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2010-4372
Vulnerability from fkie_nvd - Published: 2010-12-02 16:22 - Updated: 2025-04-11 00:51
Severity ?
Summary
Integer overflow in the in_nsv plugin in Winamp before 5.6 allows remote attackers to have an unspecified impact via vectors related to improper allocation of memory for NSV metadata, a different vulnerability than CVE-2010-2586.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nullsoft:winamp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74E7D704-AF80-4CB2-8B1B-7F9A08F07507",
"versionEndIncluding": "5.581",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:0.20a:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C15A30-0EEF-4E58-BF7B-8F9E0814BF7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "32036D60-6151-4607-B181-9E1C30ABAE81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:1.006:*:*:*:*:*:*:*",
"matchCriteriaId": "D38C91F9-8371-4BE5-8ADD-CC38BC7584E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:1.90:*:*:*:*:*:*:*",
"matchCriteriaId": "D0873D86-C669-4FEE-83F1-70B61E1DEE8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CAFFD8E7-A443-4131-9CFB-67AA9739E6E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "32A6660A-1306-44C0-BA92-D57D0F3ADD03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "CE9C4D33-C782-4B10-95C2-050BCD745DF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6E0581F9-9B99-43F6-852E-BD28BB47B169",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.91:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEA7967-D737-4B46-9382-A391DF832219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.92:*:*:*:*:*:*:*",
"matchCriteriaId": "E08D39F3-4FE4-4256-AA33-33C29826B423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.95:*:*:*:*:*:*:*",
"matchCriteriaId": "830610D8-1B42-4560-ABB4-BA79DD145110",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "13EFF2D1-D88F-436F-8E82-EAE681DE7AA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.01:*:*:*:*:*:*:*",
"matchCriteriaId": "828226F9-29AA-437F-8385-B75A6F4F3B5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.1:-:surround:*:*:*:*:*",
"matchCriteriaId": "5256EEBD-E142-4DCA-AC2E-97F20E32E18B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.02:*:*:*:*:*:*:*",
"matchCriteriaId": "BAD7DE0D-1018-4E04-A771-B2C619E95C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "798885D9-B518-4C10-81B9-32AEB512C14D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6E5EF1ED-9AA1-41D0-8781-619F8F50F4FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.03:*:*:*:*:*:*:*",
"matchCriteriaId": "35D38D15-3588-49E4-9396-11DB96FBD448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.04:*:*:*:*:*:*:*",
"matchCriteriaId": "ED120987-6F27-4D8E-95DF-E19EBCB0B8D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.05:*:*:*:*:*:*:*",
"matchCriteriaId": "7FF40252-7E87-4EE6-B2C7-19E8D78C4025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E02CCF2-2335-4F08-8061-6CFD7C8B265A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.06:*:*:*:*:*:*:*",
"matchCriteriaId": "B48A746C-1020-4A9C-A9D4-94B6FFFA1FDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.07:*:*:*:*:*:*:*",
"matchCriteriaId": "AF272FF7-68ED-4D8B-9C17-D9D46AA33335",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.08c:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FAD29A-6A61-4201-A0E6-1F04BF093600",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.08d:*:*:*:*:*:*:*",
"matchCriteriaId": "07EE09C3-B49C-4D7D-BCD1-2AA2104A271A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.08e:*:*:*:*:*:*:*",
"matchCriteriaId": "6E4497A5-6E95-4CB3-999E-53BF890A23F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.09:*:*:*:*:*:*:*",
"matchCriteriaId": "057B033C-7836-41E0-B184-F9D5DFC42C86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "20168350-2AD1-4AF4-B0AA-4C2EBF616259",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "B39A6931-A3CD-44A7-B170-53B803F321AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.13:*:*:*:*:*:*:*",
"matchCriteriaId": "A651DB07-0A59-41C5-8788-6A3594A5023C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.21:*:*:*:*:*:*:*",
"matchCriteriaId": "199953E2-C5A4-4D7B-9BB4-EF0B1364F117",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.22:*:*:*:*:*:*:*",
"matchCriteriaId": "CE765893-71E4-4945-891C-976B97762CC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.23:*:*:*:*:*:*:*",
"matchCriteriaId": "BEF245AA-7038-4BD4-B2CB-8B0E59200875",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.24:*:*:*:*:*:*:*",
"matchCriteriaId": "2DEF8714-56FC-4D6C-AE87-072ADD7698A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.31:*:*:*:*:*:*:*",
"matchCriteriaId": "E808BCEF-FE45-44D3-B22B-404BC97B89C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.32:*:*:*:*:*:*:*",
"matchCriteriaId": "BA6E29C6-CDC9-4C0B-8D79-8A5A11B563CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.33:*:*:*:*:*:*:*",
"matchCriteriaId": "C14B9D39-BF74-4C69-92BF-DE6E71FDD911",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.34:*:*:*:*:*:*:*",
"matchCriteriaId": "AD83F571-1A58-4159-AC2F-7261F135EF45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.35:*:*:*:*:*:*:*",
"matchCriteriaId": "BB054736-2F91-4EF3-B04F-80403676374F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.51:*:*:*:*:*:*:*",
"matchCriteriaId": "8FEE5A4C-770A-458B-AC1A-8F1F99A0951A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.52:*:*:*:*:*:*:*",
"matchCriteriaId": "B58E9493-556E-4085-B337-AE211A28DA6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.53:*:*:*:*:*:*:*",
"matchCriteriaId": "4C4F66E7-7F61-4F59-9213-21598A3DFD50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.54:*:*:*:*:*:*:*",
"matchCriteriaId": "1C6E95D5-D855-4CD4-B44B-66FF029EC823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.55:*:*:*:*:*:*:*",
"matchCriteriaId": "218E9850-70F5-4579-9549-47DD16ECD2B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.56:*:*:*:*:*:*:*",
"matchCriteriaId": "8DB36DD4-0F68-4A47-80D3-F326169BC2FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.58:*:*:*:*:*:*:*",
"matchCriteriaId": "88B4B254-A4B1-4B3D-9FD6-5E0C4C3E7678",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.091:*:*:*:*:*:*:*",
"matchCriteriaId": "6C6A1F15-A3FA-40FB-980A-569F77E1D104",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.093:*:*:*:*:*:*:*",
"matchCriteriaId": "684ABC3F-57CB-490B-ADCB-501E0D234E16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.094:*:*:*:*:*:*:*",
"matchCriteriaId": "3BB30030-A195-4626-AAED-D421454D911D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.111:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB3FCB9-6CF4-4513-9FB9-D01C58079060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.112:*:*:*:*:*:*:*",
"matchCriteriaId": "913962D9-84AA-4474-800E-5DABF37D52A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.531:*:*:*:*:*:*:*",
"matchCriteriaId": "35698C89-EACF-4ABF-BA67-AF59B8BD2928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.541:*:*:*:*:*:*:*",
"matchCriteriaId": "951898A7-A060-4853-8C4E-99927794C0FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.551:*:*:*:*:*:*:*",
"matchCriteriaId": "AEB33D5A-C2A0-4526-8774-89BA4C079533",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.552:*:*:*:*:*:*:*",
"matchCriteriaId": "5DA20F35-AC57-4B5B-9EF1-8A4393BD1B33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.572:*:*:*:*:*:*:*",
"matchCriteriaId": "2D58D69A-8179-400C-8118-866FB1729DD6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the in_nsv plugin in Winamp before 5.6 allows remote attackers to have an unspecified impact via vectors related to improper allocation of memory for NSV metadata, a different vulnerability than CVE-2010-2586."
},
{
"lang": "es",
"value": "Desbordamiento de entero en el plugin in_nsv en Winamp anterior a v5.6 permite a atacantes remotos tener un impacto no especificado trav\u00e9s de vectores relacionados con la asignaci\u00f3n incorrecta de la memoria para los metadatos NSV, una vulnerabilidad diferente a CVE-2010-2586."
}
],
"id": "CVE-2010-4372",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-12-02T16:22:22.003",
"references": [
{
"source": "cve@mitre.org",
"url": "http://forums.winamp.com/showthread.php?t=324322"
},
{
"source": "cve@mitre.org",
"url": "http://forums.winamp.com/showthread.php?threadid=159785"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12358"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://forums.winamp.com/showthread.php?t=324322"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://forums.winamp.com/showthread.php?threadid=159785"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12358"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2010-4373
Vulnerability from fkie_nvd - Published: 2010-12-02 16:22 - Updated: 2025-04-11 00:51
Severity ?
Summary
The in_mp4 plugin in Winamp before 5.6 allows remote attackers to cause a denial of service (application crash) via crafted (1) metadata or (2) albumart in an invalid MP4 file.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nullsoft:winamp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74E7D704-AF80-4CB2-8B1B-7F9A08F07507",
"versionEndIncluding": "5.581",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:0.20a:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C15A30-0EEF-4E58-BF7B-8F9E0814BF7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "32036D60-6151-4607-B181-9E1C30ABAE81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:1.006:*:*:*:*:*:*:*",
"matchCriteriaId": "D38C91F9-8371-4BE5-8ADD-CC38BC7584E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:1.90:*:*:*:*:*:*:*",
"matchCriteriaId": "D0873D86-C669-4FEE-83F1-70B61E1DEE8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CAFFD8E7-A443-4131-9CFB-67AA9739E6E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "32A6660A-1306-44C0-BA92-D57D0F3ADD03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "CE9C4D33-C782-4B10-95C2-050BCD745DF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6E0581F9-9B99-43F6-852E-BD28BB47B169",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.91:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEA7967-D737-4B46-9382-A391DF832219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.92:*:*:*:*:*:*:*",
"matchCriteriaId": "E08D39F3-4FE4-4256-AA33-33C29826B423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.95:*:*:*:*:*:*:*",
"matchCriteriaId": "830610D8-1B42-4560-ABB4-BA79DD145110",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "13EFF2D1-D88F-436F-8E82-EAE681DE7AA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.01:*:*:*:*:*:*:*",
"matchCriteriaId": "828226F9-29AA-437F-8385-B75A6F4F3B5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.1:-:surround:*:*:*:*:*",
"matchCriteriaId": "5256EEBD-E142-4DCA-AC2E-97F20E32E18B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.02:*:*:*:*:*:*:*",
"matchCriteriaId": "BAD7DE0D-1018-4E04-A771-B2C619E95C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "798885D9-B518-4C10-81B9-32AEB512C14D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6E5EF1ED-9AA1-41D0-8781-619F8F50F4FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.03:*:*:*:*:*:*:*",
"matchCriteriaId": "35D38D15-3588-49E4-9396-11DB96FBD448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.04:*:*:*:*:*:*:*",
"matchCriteriaId": "ED120987-6F27-4D8E-95DF-E19EBCB0B8D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.05:*:*:*:*:*:*:*",
"matchCriteriaId": "7FF40252-7E87-4EE6-B2C7-19E8D78C4025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E02CCF2-2335-4F08-8061-6CFD7C8B265A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.06:*:*:*:*:*:*:*",
"matchCriteriaId": "B48A746C-1020-4A9C-A9D4-94B6FFFA1FDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.07:*:*:*:*:*:*:*",
"matchCriteriaId": "AF272FF7-68ED-4D8B-9C17-D9D46AA33335",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.08c:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FAD29A-6A61-4201-A0E6-1F04BF093600",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.08d:*:*:*:*:*:*:*",
"matchCriteriaId": "07EE09C3-B49C-4D7D-BCD1-2AA2104A271A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.08e:*:*:*:*:*:*:*",
"matchCriteriaId": "6E4497A5-6E95-4CB3-999E-53BF890A23F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.09:*:*:*:*:*:*:*",
"matchCriteriaId": "057B033C-7836-41E0-B184-F9D5DFC42C86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "20168350-2AD1-4AF4-B0AA-4C2EBF616259",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "B39A6931-A3CD-44A7-B170-53B803F321AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.13:*:*:*:*:*:*:*",
"matchCriteriaId": "A651DB07-0A59-41C5-8788-6A3594A5023C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.21:*:*:*:*:*:*:*",
"matchCriteriaId": "199953E2-C5A4-4D7B-9BB4-EF0B1364F117",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.22:*:*:*:*:*:*:*",
"matchCriteriaId": "CE765893-71E4-4945-891C-976B97762CC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.23:*:*:*:*:*:*:*",
"matchCriteriaId": "BEF245AA-7038-4BD4-B2CB-8B0E59200875",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.24:*:*:*:*:*:*:*",
"matchCriteriaId": "2DEF8714-56FC-4D6C-AE87-072ADD7698A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.31:*:*:*:*:*:*:*",
"matchCriteriaId": "E808BCEF-FE45-44D3-B22B-404BC97B89C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.32:*:*:*:*:*:*:*",
"matchCriteriaId": "BA6E29C6-CDC9-4C0B-8D79-8A5A11B563CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.33:*:*:*:*:*:*:*",
"matchCriteriaId": "C14B9D39-BF74-4C69-92BF-DE6E71FDD911",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.34:*:*:*:*:*:*:*",
"matchCriteriaId": "AD83F571-1A58-4159-AC2F-7261F135EF45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.35:*:*:*:*:*:*:*",
"matchCriteriaId": "BB054736-2F91-4EF3-B04F-80403676374F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.51:*:*:*:*:*:*:*",
"matchCriteriaId": "8FEE5A4C-770A-458B-AC1A-8F1F99A0951A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.52:*:*:*:*:*:*:*",
"matchCriteriaId": "B58E9493-556E-4085-B337-AE211A28DA6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.53:*:*:*:*:*:*:*",
"matchCriteriaId": "4C4F66E7-7F61-4F59-9213-21598A3DFD50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.54:*:*:*:*:*:*:*",
"matchCriteriaId": "1C6E95D5-D855-4CD4-B44B-66FF029EC823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.55:*:*:*:*:*:*:*",
"matchCriteriaId": "218E9850-70F5-4579-9549-47DD16ECD2B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.56:*:*:*:*:*:*:*",
"matchCriteriaId": "8DB36DD4-0F68-4A47-80D3-F326169BC2FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.58:*:*:*:*:*:*:*",
"matchCriteriaId": "88B4B254-A4B1-4B3D-9FD6-5E0C4C3E7678",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.091:*:*:*:*:*:*:*",
"matchCriteriaId": "6C6A1F15-A3FA-40FB-980A-569F77E1D104",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.093:*:*:*:*:*:*:*",
"matchCriteriaId": "684ABC3F-57CB-490B-ADCB-501E0D234E16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.094:*:*:*:*:*:*:*",
"matchCriteriaId": "3BB30030-A195-4626-AAED-D421454D911D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.111:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB3FCB9-6CF4-4513-9FB9-D01C58079060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.112:*:*:*:*:*:*:*",
"matchCriteriaId": "913962D9-84AA-4474-800E-5DABF37D52A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.531:*:*:*:*:*:*:*",
"matchCriteriaId": "35698C89-EACF-4ABF-BA67-AF59B8BD2928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.541:*:*:*:*:*:*:*",
"matchCriteriaId": "951898A7-A060-4853-8C4E-99927794C0FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.551:*:*:*:*:*:*:*",
"matchCriteriaId": "AEB33D5A-C2A0-4526-8774-89BA4C079533",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.552:*:*:*:*:*:*:*",
"matchCriteriaId": "5DA20F35-AC57-4B5B-9EF1-8A4393BD1B33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.572:*:*:*:*:*:*:*",
"matchCriteriaId": "2D58D69A-8179-400C-8118-866FB1729DD6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The in_mp4 plugin in Winamp before 5.6 allows remote attackers to cause a denial of service (application crash) via crafted (1) metadata or (2) albumart in an invalid MP4 file."
},
{
"lang": "es",
"value": "El plug-in in_mp4 en Winamp anterior a v5.6 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) manipulando (1) un metadato o (2) AlbumArt en un archivo MP4 no v\u00e1lido."
}
],
"id": "CVE-2010-4373",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-12-02T16:22:22.037",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://forums.winamp.com/showthread.php?t=324322"
},
{
"source": "cve@mitre.org",
"url": "http://forums.winamp.com/showthread.php?threadid=159785"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12425"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://forums.winamp.com/showthread.php?t=324322"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://forums.winamp.com/showthread.php?threadid=159785"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12425"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2010-4371
Vulnerability from fkie_nvd - Published: 2010-12-02 16:22 - Updated: 2025-04-11 00:51
Severity ?
Summary
Buffer overflow in the in_mod plugin in Winamp before 5.6 allows remote attackers to have an unspecified impact via vectors related to the comment box.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nullsoft:winamp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74E7D704-AF80-4CB2-8B1B-7F9A08F07507",
"versionEndIncluding": "5.581",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:0.20a:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C15A30-0EEF-4E58-BF7B-8F9E0814BF7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "32036D60-6151-4607-B181-9E1C30ABAE81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:1.006:*:*:*:*:*:*:*",
"matchCriteriaId": "D38C91F9-8371-4BE5-8ADD-CC38BC7584E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:1.90:*:*:*:*:*:*:*",
"matchCriteriaId": "D0873D86-C669-4FEE-83F1-70B61E1DEE8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CAFFD8E7-A443-4131-9CFB-67AA9739E6E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "32A6660A-1306-44C0-BA92-D57D0F3ADD03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "CE9C4D33-C782-4B10-95C2-050BCD745DF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6E0581F9-9B99-43F6-852E-BD28BB47B169",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.91:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEA7967-D737-4B46-9382-A391DF832219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.92:*:*:*:*:*:*:*",
"matchCriteriaId": "E08D39F3-4FE4-4256-AA33-33C29826B423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.95:*:*:*:*:*:*:*",
"matchCriteriaId": "830610D8-1B42-4560-ABB4-BA79DD145110",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "13EFF2D1-D88F-436F-8E82-EAE681DE7AA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.01:*:*:*:*:*:*:*",
"matchCriteriaId": "828226F9-29AA-437F-8385-B75A6F4F3B5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.1:-:surround:*:*:*:*:*",
"matchCriteriaId": "5256EEBD-E142-4DCA-AC2E-97F20E32E18B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.02:*:*:*:*:*:*:*",
"matchCriteriaId": "BAD7DE0D-1018-4E04-A771-B2C619E95C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "798885D9-B518-4C10-81B9-32AEB512C14D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6E5EF1ED-9AA1-41D0-8781-619F8F50F4FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.03:*:*:*:*:*:*:*",
"matchCriteriaId": "35D38D15-3588-49E4-9396-11DB96FBD448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.04:*:*:*:*:*:*:*",
"matchCriteriaId": "ED120987-6F27-4D8E-95DF-E19EBCB0B8D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.05:*:*:*:*:*:*:*",
"matchCriteriaId": "7FF40252-7E87-4EE6-B2C7-19E8D78C4025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E02CCF2-2335-4F08-8061-6CFD7C8B265A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.06:*:*:*:*:*:*:*",
"matchCriteriaId": "B48A746C-1020-4A9C-A9D4-94B6FFFA1FDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.07:*:*:*:*:*:*:*",
"matchCriteriaId": "AF272FF7-68ED-4D8B-9C17-D9D46AA33335",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.08c:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FAD29A-6A61-4201-A0E6-1F04BF093600",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.08d:*:*:*:*:*:*:*",
"matchCriteriaId": "07EE09C3-B49C-4D7D-BCD1-2AA2104A271A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.08e:*:*:*:*:*:*:*",
"matchCriteriaId": "6E4497A5-6E95-4CB3-999E-53BF890A23F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.09:*:*:*:*:*:*:*",
"matchCriteriaId": "057B033C-7836-41E0-B184-F9D5DFC42C86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "20168350-2AD1-4AF4-B0AA-4C2EBF616259",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "B39A6931-A3CD-44A7-B170-53B803F321AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.13:*:*:*:*:*:*:*",
"matchCriteriaId": "A651DB07-0A59-41C5-8788-6A3594A5023C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.21:*:*:*:*:*:*:*",
"matchCriteriaId": "199953E2-C5A4-4D7B-9BB4-EF0B1364F117",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.22:*:*:*:*:*:*:*",
"matchCriteriaId": "CE765893-71E4-4945-891C-976B97762CC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.23:*:*:*:*:*:*:*",
"matchCriteriaId": "BEF245AA-7038-4BD4-B2CB-8B0E59200875",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.24:*:*:*:*:*:*:*",
"matchCriteriaId": "2DEF8714-56FC-4D6C-AE87-072ADD7698A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.31:*:*:*:*:*:*:*",
"matchCriteriaId": "E808BCEF-FE45-44D3-B22B-404BC97B89C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.32:*:*:*:*:*:*:*",
"matchCriteriaId": "BA6E29C6-CDC9-4C0B-8D79-8A5A11B563CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.33:*:*:*:*:*:*:*",
"matchCriteriaId": "C14B9D39-BF74-4C69-92BF-DE6E71FDD911",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.34:*:*:*:*:*:*:*",
"matchCriteriaId": "AD83F571-1A58-4159-AC2F-7261F135EF45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.35:*:*:*:*:*:*:*",
"matchCriteriaId": "BB054736-2F91-4EF3-B04F-80403676374F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.51:*:*:*:*:*:*:*",
"matchCriteriaId": "8FEE5A4C-770A-458B-AC1A-8F1F99A0951A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.52:*:*:*:*:*:*:*",
"matchCriteriaId": "B58E9493-556E-4085-B337-AE211A28DA6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.53:*:*:*:*:*:*:*",
"matchCriteriaId": "4C4F66E7-7F61-4F59-9213-21598A3DFD50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.54:*:*:*:*:*:*:*",
"matchCriteriaId": "1C6E95D5-D855-4CD4-B44B-66FF029EC823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.55:*:*:*:*:*:*:*",
"matchCriteriaId": "218E9850-70F5-4579-9549-47DD16ECD2B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.56:*:*:*:*:*:*:*",
"matchCriteriaId": "8DB36DD4-0F68-4A47-80D3-F326169BC2FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.58:*:*:*:*:*:*:*",
"matchCriteriaId": "88B4B254-A4B1-4B3D-9FD6-5E0C4C3E7678",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.091:*:*:*:*:*:*:*",
"matchCriteriaId": "6C6A1F15-A3FA-40FB-980A-569F77E1D104",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.093:*:*:*:*:*:*:*",
"matchCriteriaId": "684ABC3F-57CB-490B-ADCB-501E0D234E16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.094:*:*:*:*:*:*:*",
"matchCriteriaId": "3BB30030-A195-4626-AAED-D421454D911D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.111:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB3FCB9-6CF4-4513-9FB9-D01C58079060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.112:*:*:*:*:*:*:*",
"matchCriteriaId": "913962D9-84AA-4474-800E-5DABF37D52A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.531:*:*:*:*:*:*:*",
"matchCriteriaId": "35698C89-EACF-4ABF-BA67-AF59B8BD2928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.541:*:*:*:*:*:*:*",
"matchCriteriaId": "951898A7-A060-4853-8C4E-99927794C0FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.551:*:*:*:*:*:*:*",
"matchCriteriaId": "AEB33D5A-C2A0-4526-8774-89BA4C079533",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.552:*:*:*:*:*:*:*",
"matchCriteriaId": "5DA20F35-AC57-4B5B-9EF1-8A4393BD1B33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.572:*:*:*:*:*:*:*",
"matchCriteriaId": "2D58D69A-8179-400C-8118-866FB1729DD6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the in_mod plugin in Winamp before 5.6 allows remote attackers to have an unspecified impact via vectors related to the comment box."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en el plugin in_mod en Winamp anterior a v5.6 permite tener un impacto no especificado a trav\u00e9s de vectores relacionados con el cuadro comment."
}
],
"id": "CVE-2010-4371",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-12-02T16:22:21.973",
"references": [
{
"source": "cve@mitre.org",
"url": "http://forums.winamp.com/showthread.php?t=324322"
},
{
"source": "cve@mitre.org",
"url": "http://forums.winamp.com/showthread.php?threadid=159785"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12309"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://forums.winamp.com/showthread.php?t=324322"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://forums.winamp.com/showthread.php?threadid=159785"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12309"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2010-4370
Vulnerability from fkie_nvd - Published: 2010-12-02 16:22 - Updated: 2025-04-11 00:51
Severity ?
Summary
Multiple integer overflows in the in_midi plugin in Winamp before 5.6 allow remote attackers to execute arbitrary code via a crafted MIDI file that triggers a buffer overflow.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nullsoft:winamp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74E7D704-AF80-4CB2-8B1B-7F9A08F07507",
"versionEndIncluding": "5.581",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:0.20a:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C15A30-0EEF-4E58-BF7B-8F9E0814BF7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "32036D60-6151-4607-B181-9E1C30ABAE81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:1.006:*:*:*:*:*:*:*",
"matchCriteriaId": "D38C91F9-8371-4BE5-8ADD-CC38BC7584E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:1.90:*:*:*:*:*:*:*",
"matchCriteriaId": "D0873D86-C669-4FEE-83F1-70B61E1DEE8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CAFFD8E7-A443-4131-9CFB-67AA9739E6E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "32A6660A-1306-44C0-BA92-D57D0F3ADD03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "CE9C4D33-C782-4B10-95C2-050BCD745DF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6E0581F9-9B99-43F6-852E-BD28BB47B169",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.91:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEA7967-D737-4B46-9382-A391DF832219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.92:*:*:*:*:*:*:*",
"matchCriteriaId": "E08D39F3-4FE4-4256-AA33-33C29826B423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.95:*:*:*:*:*:*:*",
"matchCriteriaId": "830610D8-1B42-4560-ABB4-BA79DD145110",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "13EFF2D1-D88F-436F-8E82-EAE681DE7AA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.01:*:*:*:*:*:*:*",
"matchCriteriaId": "828226F9-29AA-437F-8385-B75A6F4F3B5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.1:-:surround:*:*:*:*:*",
"matchCriteriaId": "5256EEBD-E142-4DCA-AC2E-97F20E32E18B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.02:*:*:*:*:*:*:*",
"matchCriteriaId": "BAD7DE0D-1018-4E04-A771-B2C619E95C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "798885D9-B518-4C10-81B9-32AEB512C14D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6E5EF1ED-9AA1-41D0-8781-619F8F50F4FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.03:*:*:*:*:*:*:*",
"matchCriteriaId": "35D38D15-3588-49E4-9396-11DB96FBD448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.04:*:*:*:*:*:*:*",
"matchCriteriaId": "ED120987-6F27-4D8E-95DF-E19EBCB0B8D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.05:*:*:*:*:*:*:*",
"matchCriteriaId": "7FF40252-7E87-4EE6-B2C7-19E8D78C4025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E02CCF2-2335-4F08-8061-6CFD7C8B265A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.06:*:*:*:*:*:*:*",
"matchCriteriaId": "B48A746C-1020-4A9C-A9D4-94B6FFFA1FDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.07:*:*:*:*:*:*:*",
"matchCriteriaId": "AF272FF7-68ED-4D8B-9C17-D9D46AA33335",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.08c:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FAD29A-6A61-4201-A0E6-1F04BF093600",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.08d:*:*:*:*:*:*:*",
"matchCriteriaId": "07EE09C3-B49C-4D7D-BCD1-2AA2104A271A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.08e:*:*:*:*:*:*:*",
"matchCriteriaId": "6E4497A5-6E95-4CB3-999E-53BF890A23F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.09:*:*:*:*:*:*:*",
"matchCriteriaId": "057B033C-7836-41E0-B184-F9D5DFC42C86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "20168350-2AD1-4AF4-B0AA-4C2EBF616259",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "B39A6931-A3CD-44A7-B170-53B803F321AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.13:*:*:*:*:*:*:*",
"matchCriteriaId": "A651DB07-0A59-41C5-8788-6A3594A5023C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.21:*:*:*:*:*:*:*",
"matchCriteriaId": "199953E2-C5A4-4D7B-9BB4-EF0B1364F117",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.22:*:*:*:*:*:*:*",
"matchCriteriaId": "CE765893-71E4-4945-891C-976B97762CC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.23:*:*:*:*:*:*:*",
"matchCriteriaId": "BEF245AA-7038-4BD4-B2CB-8B0E59200875",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.24:*:*:*:*:*:*:*",
"matchCriteriaId": "2DEF8714-56FC-4D6C-AE87-072ADD7698A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.31:*:*:*:*:*:*:*",
"matchCriteriaId": "E808BCEF-FE45-44D3-B22B-404BC97B89C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.32:*:*:*:*:*:*:*",
"matchCriteriaId": "BA6E29C6-CDC9-4C0B-8D79-8A5A11B563CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.33:*:*:*:*:*:*:*",
"matchCriteriaId": "C14B9D39-BF74-4C69-92BF-DE6E71FDD911",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.34:*:*:*:*:*:*:*",
"matchCriteriaId": "AD83F571-1A58-4159-AC2F-7261F135EF45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.35:*:*:*:*:*:*:*",
"matchCriteriaId": "BB054736-2F91-4EF3-B04F-80403676374F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.51:*:*:*:*:*:*:*",
"matchCriteriaId": "8FEE5A4C-770A-458B-AC1A-8F1F99A0951A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.52:*:*:*:*:*:*:*",
"matchCriteriaId": "B58E9493-556E-4085-B337-AE211A28DA6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.53:*:*:*:*:*:*:*",
"matchCriteriaId": "4C4F66E7-7F61-4F59-9213-21598A3DFD50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.54:*:*:*:*:*:*:*",
"matchCriteriaId": "1C6E95D5-D855-4CD4-B44B-66FF029EC823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.55:*:*:*:*:*:*:*",
"matchCriteriaId": "218E9850-70F5-4579-9549-47DD16ECD2B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.56:*:*:*:*:*:*:*",
"matchCriteriaId": "8DB36DD4-0F68-4A47-80D3-F326169BC2FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.58:*:*:*:*:*:*:*",
"matchCriteriaId": "88B4B254-A4B1-4B3D-9FD6-5E0C4C3E7678",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.091:*:*:*:*:*:*:*",
"matchCriteriaId": "6C6A1F15-A3FA-40FB-980A-569F77E1D104",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.093:*:*:*:*:*:*:*",
"matchCriteriaId": "684ABC3F-57CB-490B-ADCB-501E0D234E16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.094:*:*:*:*:*:*:*",
"matchCriteriaId": "3BB30030-A195-4626-AAED-D421454D911D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.111:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB3FCB9-6CF4-4513-9FB9-D01C58079060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.112:*:*:*:*:*:*:*",
"matchCriteriaId": "913962D9-84AA-4474-800E-5DABF37D52A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.531:*:*:*:*:*:*:*",
"matchCriteriaId": "35698C89-EACF-4ABF-BA67-AF59B8BD2928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.541:*:*:*:*:*:*:*",
"matchCriteriaId": "951898A7-A060-4853-8C4E-99927794C0FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.551:*:*:*:*:*:*:*",
"matchCriteriaId": "AEB33D5A-C2A0-4526-8774-89BA4C079533",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.552:*:*:*:*:*:*:*",
"matchCriteriaId": "5DA20F35-AC57-4B5B-9EF1-8A4393BD1B33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.572:*:*:*:*:*:*:*",
"matchCriteriaId": "2D58D69A-8179-400C-8118-866FB1729DD6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in the in_midi plugin in Winamp before 5.6 allow remote attackers to execute arbitrary code via a crafted MIDI file that triggers a buffer overflow."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos enteros en el plugin in_midi en Winamp anterior a versi\u00f3n 5.6, permiten a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un archivo MIDI especialmente dise\u00f1ado que desencadena un desbordamiento de b\u00fafer."
}
],
"id": "CVE-2010-4370",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-12-02T16:22:21.943",
"references": [
{
"source": "cve@mitre.org",
"url": "http://forums.winamp.com/showthread.php?t=324322"
},
{
"source": "cve@mitre.org",
"url": "http://forums.winamp.com/showthread.php?threadid=159785"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42004"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/515388/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11841"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://forums.winamp.com/showthread.php?t=324322"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://forums.winamp.com/showthread.php?threadid=159785"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42004"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/515388/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11841"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2010-2586
Vulnerability from fkie_nvd - Published: 2010-12-02 16:22 - Updated: 2025-04-11 00:51
Severity ?
Summary
Multiple integer overflows in in_nsv.dll in the in_nsv plugin in Winamp before 5.6 allow remote attackers to execute arbitrary code via a crafted Table of Contents (TOC) in a (1) NSV stream or (2) NSV file that triggers a heap-based buffer overflow.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nullsoft:winamp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74E7D704-AF80-4CB2-8B1B-7F9A08F07507",
"versionEndIncluding": "5.581",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:0.20a:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C15A30-0EEF-4E58-BF7B-8F9E0814BF7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "32036D60-6151-4607-B181-9E1C30ABAE81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:1.006:*:*:*:*:*:*:*",
"matchCriteriaId": "D38C91F9-8371-4BE5-8ADD-CC38BC7584E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:1.90:*:*:*:*:*:*:*",
"matchCriteriaId": "D0873D86-C669-4FEE-83F1-70B61E1DEE8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CAFFD8E7-A443-4131-9CFB-67AA9739E6E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "32A6660A-1306-44C0-BA92-D57D0F3ADD03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "CE9C4D33-C782-4B10-95C2-050BCD745DF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6E0581F9-9B99-43F6-852E-BD28BB47B169",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.91:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEA7967-D737-4B46-9382-A391DF832219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.92:*:*:*:*:*:*:*",
"matchCriteriaId": "E08D39F3-4FE4-4256-AA33-33C29826B423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:2.95:*:*:*:*:*:*:*",
"matchCriteriaId": "830610D8-1B42-4560-ABB4-BA79DD145110",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "13EFF2D1-D88F-436F-8E82-EAE681DE7AA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.01:*:*:*:*:*:*:*",
"matchCriteriaId": "828226F9-29AA-437F-8385-B75A6F4F3B5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.1:-:surround:*:*:*:*:*",
"matchCriteriaId": "5256EEBD-E142-4DCA-AC2E-97F20E32E18B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.02:*:*:*:*:*:*:*",
"matchCriteriaId": "BAD7DE0D-1018-4E04-A771-B2C619E95C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "798885D9-B518-4C10-81B9-32AEB512C14D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6E5EF1ED-9AA1-41D0-8781-619F8F50F4FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.03:*:*:*:*:*:*:*",
"matchCriteriaId": "35D38D15-3588-49E4-9396-11DB96FBD448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.04:*:*:*:*:*:*:*",
"matchCriteriaId": "ED120987-6F27-4D8E-95DF-E19EBCB0B8D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.05:*:*:*:*:*:*:*",
"matchCriteriaId": "7FF40252-7E87-4EE6-B2C7-19E8D78C4025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E02CCF2-2335-4F08-8061-6CFD7C8B265A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.06:*:*:*:*:*:*:*",
"matchCriteriaId": "B48A746C-1020-4A9C-A9D4-94B6FFFA1FDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.07:*:*:*:*:*:*:*",
"matchCriteriaId": "AF272FF7-68ED-4D8B-9C17-D9D46AA33335",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.08c:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FAD29A-6A61-4201-A0E6-1F04BF093600",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.08d:*:*:*:*:*:*:*",
"matchCriteriaId": "07EE09C3-B49C-4D7D-BCD1-2AA2104A271A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.08e:*:*:*:*:*:*:*",
"matchCriteriaId": "6E4497A5-6E95-4CB3-999E-53BF890A23F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.09:*:*:*:*:*:*:*",
"matchCriteriaId": "057B033C-7836-41E0-B184-F9D5DFC42C86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "20168350-2AD1-4AF4-B0AA-4C2EBF616259",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "B39A6931-A3CD-44A7-B170-53B803F321AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.13:*:*:*:*:*:*:*",
"matchCriteriaId": "A651DB07-0A59-41C5-8788-6A3594A5023C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.21:*:*:*:*:*:*:*",
"matchCriteriaId": "199953E2-C5A4-4D7B-9BB4-EF0B1364F117",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.22:*:*:*:*:*:*:*",
"matchCriteriaId": "CE765893-71E4-4945-891C-976B97762CC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.23:*:*:*:*:*:*:*",
"matchCriteriaId": "BEF245AA-7038-4BD4-B2CB-8B0E59200875",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.24:*:*:*:*:*:*:*",
"matchCriteriaId": "2DEF8714-56FC-4D6C-AE87-072ADD7698A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.31:*:*:*:*:*:*:*",
"matchCriteriaId": "E808BCEF-FE45-44D3-B22B-404BC97B89C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.32:*:*:*:*:*:*:*",
"matchCriteriaId": "BA6E29C6-CDC9-4C0B-8D79-8A5A11B563CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.33:*:*:*:*:*:*:*",
"matchCriteriaId": "C14B9D39-BF74-4C69-92BF-DE6E71FDD911",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.34:*:*:*:*:*:*:*",
"matchCriteriaId": "AD83F571-1A58-4159-AC2F-7261F135EF45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.35:*:*:*:*:*:*:*",
"matchCriteriaId": "BB054736-2F91-4EF3-B04F-80403676374F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.51:*:*:*:*:*:*:*",
"matchCriteriaId": "8FEE5A4C-770A-458B-AC1A-8F1F99A0951A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.52:*:*:*:*:*:*:*",
"matchCriteriaId": "B58E9493-556E-4085-B337-AE211A28DA6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.53:*:*:*:*:*:*:*",
"matchCriteriaId": "4C4F66E7-7F61-4F59-9213-21598A3DFD50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.54:*:*:*:*:*:*:*",
"matchCriteriaId": "1C6E95D5-D855-4CD4-B44B-66FF029EC823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.55:*:*:*:*:*:*:*",
"matchCriteriaId": "218E9850-70F5-4579-9549-47DD16ECD2B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.56:*:*:*:*:*:*:*",
"matchCriteriaId": "8DB36DD4-0F68-4A47-80D3-F326169BC2FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.58:*:*:*:*:*:*:*",
"matchCriteriaId": "88B4B254-A4B1-4B3D-9FD6-5E0C4C3E7678",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.091:*:*:*:*:*:*:*",
"matchCriteriaId": "6C6A1F15-A3FA-40FB-980A-569F77E1D104",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.093:*:*:*:*:*:*:*",
"matchCriteriaId": "684ABC3F-57CB-490B-ADCB-501E0D234E16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.094:*:*:*:*:*:*:*",
"matchCriteriaId": "3BB30030-A195-4626-AAED-D421454D911D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.111:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB3FCB9-6CF4-4513-9FB9-D01C58079060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.112:*:*:*:*:*:*:*",
"matchCriteriaId": "913962D9-84AA-4474-800E-5DABF37D52A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.531:*:*:*:*:*:*:*",
"matchCriteriaId": "35698C89-EACF-4ABF-BA67-AF59B8BD2928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.541:*:*:*:*:*:*:*",
"matchCriteriaId": "951898A7-A060-4853-8C4E-99927794C0FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.551:*:*:*:*:*:*:*",
"matchCriteriaId": "AEB33D5A-C2A0-4526-8774-89BA4C079533",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.552:*:*:*:*:*:*:*",
"matchCriteriaId": "5DA20F35-AC57-4B5B-9EF1-8A4393BD1B33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.572:*:*:*:*:*:*:*",
"matchCriteriaId": "2D58D69A-8179-400C-8118-866FB1729DD6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in in_nsv.dll in the in_nsv plugin in Winamp before 5.6 allow remote attackers to execute arbitrary code via a crafted Table of Contents (TOC) in a (1) NSV stream or (2) NSV file that triggers a heap-based buffer overflow."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de entero en el plugin in_nsv en Winamp anterior a v5.6 permite a atacantes remotos tener un impacto no especificado trav\u00e9s tabla de contenidos (TOC) manipulada en un (1) flujo NSV o (2) fichero NSV provocando un desbordamiento de pila."
}
],
"id": "CVE-2010-2586",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-12-02T16:22:20.973",
"references": [
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://forums.winamp.com/showthread.php?t=324322"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://forums.winamp.com/showthread.php?threadid=159785"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42004"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2010-127/"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/archive/1/514962/100/0/threaded"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12587"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://forums.winamp.com/showthread.php?t=324322"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://forums.winamp.com/showthread.php?threadid=159785"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42004"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2010-127/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/514962/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12587"
}
],
"sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2014-3442 (GCVE-0-2014-3442)
Vulnerability from cvelistv5 – Published: 2014-05-23 14:00 – Updated: 2024-08-06 10:43
VLAI?
Summary
Winamp 5.666 and earlier allows remote attackers to cause a denial of service (memory corruption and crash) via a malformed .FLV file, related to f263.w5s.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:43:06.142Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "winamp-cve20143442-code-exec(93173)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93173"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/126636"
},
{
"name": "67429",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/67429"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-05-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Winamp 5.666 and earlier allows remote attackers to cause a denial of service (memory corruption and crash) via a malformed .FLV file, related to f263.w5s."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "winamp-cve20143442-code-exec(93173)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93173"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/126636"
},
{
"name": "67429",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/67429"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-3442",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Winamp 5.666 and earlier allows remote attackers to cause a denial of service (memory corruption and crash) via a malformed .FLV file, related to f263.w5s."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "winamp-cve20143442-code-exec(93173)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93173"
},
{
"name": "http://packetstormsecurity.com/files/126636",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/126636"
},
{
"name": "67429",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67429"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-3442",
"datePublished": "2014-05-23T14:00:00",
"dateReserved": "2014-05-09T00:00:00",
"dateUpdated": "2024-08-06T10:43:06.142Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4694 (GCVE-0-2013-4694)
Vulnerability from cvelistv5 – Published: 2014-04-16 22:00 – Updated: 2024-08-06 16:52
VLAI?
Summary
Stack-based buffer overflow in gen_jumpex.dll in Winamp before 5.64 Build 3418 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a package with a long Skin directory name. NOTE: a second buffer overflow involving a long GUI Search field to ml_local.dll was also reported. However, since it is only exploitable by the user of the application, this issue would not cross privilege boundaries unless Winamp is running under a highly restricted environment such as a kiosk.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:52:27.127Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20130701 [CVE-2013-4694] WinAmp v5.63 gen_jumpex.dll and ml_local.dll Multiple Buffer Overflows",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2013/Jul/4"
},
{
"name": "26558",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/26558"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://forums.winamp.com/showthread.php?t=364291"
},
{
"name": "winamp-cve20134694-bo(85399)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85399"
},
{
"name": "94739",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/94739"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/122239/WinAmp-5.63-Buffer-Overflow.html"
},
{
"name": "94740",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/94740"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.rcesecurity.com/2013/07/winamp-v5-64-fixes-several-code-execution-vulnerabilities-cve-2013-4694-cve-2013-4695"
},
{
"name": "1030107",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030107"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/122978"
},
{
"name": "60883",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/60883"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-07-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in gen_jumpex.dll in Winamp before 5.64 Build 3418 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a package with a long Skin directory name. NOTE: a second buffer overflow involving a long GUI Search field to ml_local.dll was also reported. However, since it is only exploitable by the user of the application, this issue would not cross privilege boundaries unless Winamp is running under a highly restricted environment such as a kiosk."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20130701 [CVE-2013-4694] WinAmp v5.63 gen_jumpex.dll and ml_local.dll Multiple Buffer Overflows",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2013/Jul/4"
},
{
"name": "26558",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/26558"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://forums.winamp.com/showthread.php?t=364291"
},
{
"name": "winamp-cve20134694-bo(85399)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85399"
},
{
"name": "94739",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/94739"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/122239/WinAmp-5.63-Buffer-Overflow.html"
},
{
"name": "94740",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/94740"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.rcesecurity.com/2013/07/winamp-v5-64-fixes-several-code-execution-vulnerabilities-cve-2013-4694-cve-2013-4695"
},
{
"name": "1030107",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030107"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/122978"
},
{
"name": "60883",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/60883"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-4694",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in gen_jumpex.dll in Winamp before 5.64 Build 3418 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a package with a long Skin directory name. NOTE: a second buffer overflow involving a long GUI Search field to ml_local.dll was also reported. However, since it is only exploitable by the user of the application, this issue would not cross privilege boundaries unless Winamp is running under a highly restricted environment such as a kiosk."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20130701 [CVE-2013-4694] WinAmp v5.63 gen_jumpex.dll and ml_local.dll Multiple Buffer Overflows",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2013/Jul/4"
},
{
"name": "26558",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/26558"
},
{
"name": "http://forums.winamp.com/showthread.php?t=364291",
"refsource": "CONFIRM",
"url": "http://forums.winamp.com/showthread.php?t=364291"
},
{
"name": "winamp-cve20134694-bo(85399)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85399"
},
{
"name": "94739",
"refsource": "OSVDB",
"url": "http://osvdb.org/94739"
},
{
"name": "http://packetstormsecurity.com/files/122239/WinAmp-5.63-Buffer-Overflow.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/122239/WinAmp-5.63-Buffer-Overflow.html"
},
{
"name": "94740",
"refsource": "OSVDB",
"url": "http://osvdb.org/94740"
},
{
"name": "https://www.rcesecurity.com/2013/07/winamp-v5-64-fixes-several-code-execution-vulnerabilities-cve-2013-4694-cve-2013-4695",
"refsource": "MISC",
"url": "https://www.rcesecurity.com/2013/07/winamp-v5-64-fixes-several-code-execution-vulnerabilities-cve-2013-4694-cve-2013-4695"
},
{
"name": "1030107",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030107"
},
{
"name": "http://packetstormsecurity.com/files/122978",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/122978"
},
{
"name": "60883",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/60883"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-4694",
"datePublished": "2014-04-16T22:00:00",
"dateReserved": "2013-06-26T00:00:00",
"dateUpdated": "2024-08-06T16:52:27.127Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-4045 (GCVE-0-2012-4045)
Vulnerability from cvelistv5 – Published: 2012-07-22 17:00 – Updated: 2024-08-06 20:21
VLAI?
Summary
Multiple heap-based buffer overflows in bmp.w5s in Winamp before 5.63 build 3235 allow remote attackers to execute arbitrary code via the (1) strf chunk in BI_RGB or (2) UYVY video data in an AVI file, or (3) decompressed TechSmith Screen Capture Codec (TSCC) data in an AVI file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:21:04.211Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:15335",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15335"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://forums.winamp.com/showthread.php?t=345684"
},
{
"name": "46624",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46624"
},
{
"name": "54131",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/54131"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-06-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple heap-based buffer overflows in bmp.w5s in Winamp before 5.63 build 3235 allow remote attackers to execute arbitrary code via the (1) strf chunk in BI_RGB or (2) UYVY video data in an AVI file, or (3) decompressed TechSmith Screen Capture Codec (TSCC) data in an AVI file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oval:org.mitre.oval:def:15335",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15335"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://forums.winamp.com/showthread.php?t=345684"
},
{
"name": "46624",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46624"
},
{
"name": "54131",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/54131"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-4045",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple heap-based buffer overflows in bmp.w5s in Winamp before 5.63 build 3235 allow remote attackers to execute arbitrary code via the (1) strf chunk in BI_RGB or (2) UYVY video data in an AVI file, or (3) decompressed TechSmith Screen Capture Codec (TSCC) data in an AVI file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:15335",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15335"
},
{
"name": "http://forums.winamp.com/showthread.php?t=345684",
"refsource": "CONFIRM",
"url": "http://forums.winamp.com/showthread.php?t=345684"
},
{
"name": "46624",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46624"
},
{
"name": "54131",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54131"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-4045",
"datePublished": "2012-07-22T17:00:00",
"dateReserved": "2012-07-22T00:00:00",
"dateUpdated": "2024-08-06T20:21:04.211Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-3889 (GCVE-0-2012-3889)
Vulnerability from cvelistv5 – Published: 2012-07-11 10:00 – Updated: 2024-08-06 20:21
VLAI?
Summary
The in_mod plugin in Winamp before 5.63 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a .IT file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:21:04.047Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://forums.winamp.com/showthread.php?t=345684"
},
{
"name": "46624",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46624"
},
{
"name": "oval:org.mitre.oval:def:14748",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14748"
},
{
"name": "54131",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/54131"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-06-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The in_mod plugin in Winamp before 5.63 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a .IT file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://forums.winamp.com/showthread.php?t=345684"
},
{
"name": "46624",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46624"
},
{
"name": "oval:org.mitre.oval:def:14748",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14748"
},
{
"name": "54131",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/54131"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-3889",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The in_mod plugin in Winamp before 5.63 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a .IT file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://forums.winamp.com/showthread.php?t=345684",
"refsource": "CONFIRM",
"url": "http://forums.winamp.com/showthread.php?t=345684"
},
{
"name": "46624",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46624"
},
{
"name": "oval:org.mitre.oval:def:14748",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14748"
},
{
"name": "54131",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54131"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-3889",
"datePublished": "2012-07-11T10:00:00",
"dateReserved": "2012-07-10T00:00:00",
"dateUpdated": "2024-08-06T20:21:04.047Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-3890 (GCVE-0-2012-3890)
Vulnerability from cvelistv5 – Published: 2012-07-11 10:00 – Updated: 2024-08-06 20:21
VLAI?
Summary
The in_mod plugin in Winamp before 5.63 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a .IT file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:21:03.873Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://forums.winamp.com/showthread.php?t=345684"
},
{
"name": "46624",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46624"
},
{
"name": "oval:org.mitre.oval:def:15553",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15553"
},
{
"name": "54131",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/54131"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-06-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The in_mod plugin in Winamp before 5.63 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a .IT file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://forums.winamp.com/showthread.php?t=345684"
},
{
"name": "46624",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46624"
},
{
"name": "oval:org.mitre.oval:def:15553",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15553"
},
{
"name": "54131",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/54131"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-3890",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The in_mod plugin in Winamp before 5.63 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a .IT file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://forums.winamp.com/showthread.php?t=345684",
"refsource": "CONFIRM",
"url": "http://forums.winamp.com/showthread.php?t=345684"
},
{
"name": "46624",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46624"
},
{
"name": "oval:org.mitre.oval:def:15553",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15553"
},
{
"name": "54131",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54131"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-3890",
"datePublished": "2012-07-11T10:00:00",
"dateReserved": "2012-07-10T00:00:00",
"dateUpdated": "2024-08-06T20:21:03.873Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-4857 (GCVE-0-2011-4857)
Vulnerability from cvelistv5 – Published: 2011-12-16 19:00 – Updated: 2024-08-07 00:16
VLAI?
Summary
Heap-based buffer overflow in the in_mod.dll plugin in Winamp before 5.623 allows remote attackers to execute arbitrary code via crafted song message data in an Impulse Tracker (IT) file. NOTE: some of these details are obtained from third party information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:16:34.969Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://forums.winamp.com/showthread.php?t=332010"
},
{
"name": "oval:org.mitre.oval:def:15351",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15351"
},
{
"name": "winamp-it-bo(72054)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72054"
},
{
"name": "46882",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46882"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-12-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the in_mod.dll plugin in Winamp before 5.623 allows remote attackers to execute arbitrary code via crafted song message data in an Impulse Tracker (IT) file. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://forums.winamp.com/showthread.php?t=332010"
},
{
"name": "oval:org.mitre.oval:def:15351",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15351"
},
{
"name": "winamp-it-bo(72054)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72054"
},
{
"name": "46882",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46882"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-4857",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the in_mod.dll plugin in Winamp before 5.623 allows remote attackers to execute arbitrary code via crafted song message data in an Impulse Tracker (IT) file. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://forums.winamp.com/showthread.php?t=332010",
"refsource": "CONFIRM",
"url": "http://forums.winamp.com/showthread.php?t=332010"
},
{
"name": "oval:org.mitre.oval:def:15351",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15351"
},
{
"name": "winamp-it-bo(72054)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72054"
},
{
"name": "46882",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46882"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-4857",
"datePublished": "2011-12-16T19:00:00",
"dateReserved": "2011-12-16T00:00:00",
"dateUpdated": "2024-08-07T00:16:34.969Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-3834 (GCVE-0-2011-3834)
Vulnerability from cvelistv5 – Published: 2011-12-16 19:00 – Updated: 2024-08-06 23:46
VLAI?
Summary
Multiple integer overflows in the in_avi.dll plugin in Winamp before 5.623 allow remote attackers to execute arbitrary code via an AVI file with a crafted value for (1) the number of streams or (2) the size of the RIFF INFO chunk, leading to a heap-based buffer overflow.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:46:03.099Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2011-81/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://forums.winamp.com/showthread.php?t=332010"
},
{
"name": "oval:org.mitre.oval:def:14981",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14981"
},
{
"name": "46882",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46882"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-12-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in the in_avi.dll plugin in Winamp before 5.623 allow remote attackers to execute arbitrary code via an AVI file with a crafted value for (1) the number of streams or (2) the size of the RIFF INFO chunk, leading to a heap-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2011-81/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://forums.winamp.com/showthread.php?t=332010"
},
{
"name": "oval:org.mitre.oval:def:14981",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14981"
},
{
"name": "46882",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46882"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2011-3834",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple integer overflows in the in_avi.dll plugin in Winamp before 5.623 allow remote attackers to execute arbitrary code via an AVI file with a crafted value for (1) the number of streams or (2) the size of the RIFF INFO chunk, leading to a heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://secunia.com/secunia_research/2011-81/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2011-81/"
},
{
"name": "http://forums.winamp.com/showthread.php?t=332010",
"refsource": "CONFIRM",
"url": "http://forums.winamp.com/showthread.php?t=332010"
},
{
"name": "oval:org.mitre.oval:def:14981",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14981"
},
{
"name": "46882",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46882"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2011-3834",
"datePublished": "2011-12-16T19:00:00",
"dateReserved": "2011-09-26T00:00:00",
"dateUpdated": "2024-08-06T23:46:03.099Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-2586 (GCVE-0-2010-2586)
Vulnerability from cvelistv5 – Published: 2010-12-02 16:00 – Updated: 2024-08-07 02:39
VLAI?
Summary
Multiple integer overflows in in_nsv.dll in the in_nsv plugin in Winamp before 5.6 allow remote attackers to execute arbitrary code via a crafted Table of Contents (TOC) in a (1) NSV stream or (2) NSV file that triggers a heap-based buffer overflow.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:39:37.704Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "42004",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42004"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://forums.winamp.com/showthread.php?threadid=159785"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://forums.winamp.com/showthread.php?t=324322"
},
{
"name": "20101201 Secunia Research: Winamp NSV Table of Contents Parsing Integer Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/514962/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2010-127/"
},
{
"name": "oval:org.mitre.oval:def:12587",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12587"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-11-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in in_nsv.dll in the in_nsv plugin in Winamp before 5.6 allow remote attackers to execute arbitrary code via a crafted Table of Contents (TOC) in a (1) NSV stream or (2) NSV file that triggers a heap-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"name": "42004",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42004"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://forums.winamp.com/showthread.php?threadid=159785"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://forums.winamp.com/showthread.php?t=324322"
},
{
"name": "20101201 Secunia Research: Winamp NSV Table of Contents Parsing Integer Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/514962/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2010-127/"
},
{
"name": "oval:org.mitre.oval:def:12587",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12587"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2010-2586",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple integer overflows in in_nsv.dll in the in_nsv plugin in Winamp before 5.6 allow remote attackers to execute arbitrary code via a crafted Table of Contents (TOC) in a (1) NSV stream or (2) NSV file that triggers a heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "42004",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42004"
},
{
"name": "http://forums.winamp.com/showthread.php?threadid=159785",
"refsource": "CONFIRM",
"url": "http://forums.winamp.com/showthread.php?threadid=159785"
},
{
"name": "http://forums.winamp.com/showthread.php?t=324322",
"refsource": "CONFIRM",
"url": "http://forums.winamp.com/showthread.php?t=324322"
},
{
"name": "20101201 Secunia Research: Winamp NSV Table of Contents Parsing Integer Overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/514962/100/0/threaded"
},
{
"name": "http://secunia.com/secunia_research/2010-127/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2010-127/"
},
{
"name": "oval:org.mitre.oval:def:12587",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12587"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2010-2586",
"datePublished": "2010-12-02T16:00:00",
"dateReserved": "2010-07-01T00:00:00",
"dateUpdated": "2024-08-07T02:39:37.704Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4374 (GCVE-0-2010-4374)
Vulnerability from cvelistv5 – Published: 2010-12-02 16:00 – Updated: 2024-08-07 03:43
VLAI?
Summary
The in_mkv plugin in Winamp before 5.6 allows remote attackers to cause a denial of service (application crash) via a Matroska Video (MKV) file containing a string with a crafted length.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:43:14.510Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://forums.winamp.com/showthread.php?threadid=159785"
},
{
"name": "oval:org.mitre.oval:def:12332",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12332"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://forums.winamp.com/showthread.php?t=324322"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-11-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The in_mkv plugin in Winamp before 5.6 allows remote attackers to cause a denial of service (application crash) via a Matroska Video (MKV) file containing a string with a crafted length."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://forums.winamp.com/showthread.php?threadid=159785"
},
{
"name": "oval:org.mitre.oval:def:12332",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12332"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://forums.winamp.com/showthread.php?t=324322"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4374",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The in_mkv plugin in Winamp before 5.6 allows remote attackers to cause a denial of service (application crash) via a Matroska Video (MKV) file containing a string with a crafted length."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://forums.winamp.com/showthread.php?threadid=159785",
"refsource": "CONFIRM",
"url": "http://forums.winamp.com/showthread.php?threadid=159785"
},
{
"name": "oval:org.mitre.oval:def:12332",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12332"
},
{
"name": "http://forums.winamp.com/showthread.php?t=324322",
"refsource": "CONFIRM",
"url": "http://forums.winamp.com/showthread.php?t=324322"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-4374",
"datePublished": "2010-12-02T16:00:00",
"dateReserved": "2010-12-02T00:00:00",
"dateUpdated": "2024-08-07T03:43:14.510Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-3442 (GCVE-0-2014-3442)
Vulnerability from nvd – Published: 2014-05-23 14:00 – Updated: 2024-08-06 10:43
VLAI?
Summary
Winamp 5.666 and earlier allows remote attackers to cause a denial of service (memory corruption and crash) via a malformed .FLV file, related to f263.w5s.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:43:06.142Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "winamp-cve20143442-code-exec(93173)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93173"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/126636"
},
{
"name": "67429",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/67429"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-05-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Winamp 5.666 and earlier allows remote attackers to cause a denial of service (memory corruption and crash) via a malformed .FLV file, related to f263.w5s."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "winamp-cve20143442-code-exec(93173)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93173"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/126636"
},
{
"name": "67429",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/67429"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-3442",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Winamp 5.666 and earlier allows remote attackers to cause a denial of service (memory corruption and crash) via a malformed .FLV file, related to f263.w5s."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "winamp-cve20143442-code-exec(93173)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93173"
},
{
"name": "http://packetstormsecurity.com/files/126636",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/126636"
},
{
"name": "67429",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67429"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-3442",
"datePublished": "2014-05-23T14:00:00",
"dateReserved": "2014-05-09T00:00:00",
"dateUpdated": "2024-08-06T10:43:06.142Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4694 (GCVE-0-2013-4694)
Vulnerability from nvd – Published: 2014-04-16 22:00 – Updated: 2024-08-06 16:52
VLAI?
Summary
Stack-based buffer overflow in gen_jumpex.dll in Winamp before 5.64 Build 3418 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a package with a long Skin directory name. NOTE: a second buffer overflow involving a long GUI Search field to ml_local.dll was also reported. However, since it is only exploitable by the user of the application, this issue would not cross privilege boundaries unless Winamp is running under a highly restricted environment such as a kiosk.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:52:27.127Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20130701 [CVE-2013-4694] WinAmp v5.63 gen_jumpex.dll and ml_local.dll Multiple Buffer Overflows",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2013/Jul/4"
},
{
"name": "26558",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/26558"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://forums.winamp.com/showthread.php?t=364291"
},
{
"name": "winamp-cve20134694-bo(85399)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85399"
},
{
"name": "94739",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/94739"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/122239/WinAmp-5.63-Buffer-Overflow.html"
},
{
"name": "94740",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/94740"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.rcesecurity.com/2013/07/winamp-v5-64-fixes-several-code-execution-vulnerabilities-cve-2013-4694-cve-2013-4695"
},
{
"name": "1030107",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030107"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/122978"
},
{
"name": "60883",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/60883"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-07-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in gen_jumpex.dll in Winamp before 5.64 Build 3418 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a package with a long Skin directory name. NOTE: a second buffer overflow involving a long GUI Search field to ml_local.dll was also reported. However, since it is only exploitable by the user of the application, this issue would not cross privilege boundaries unless Winamp is running under a highly restricted environment such as a kiosk."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20130701 [CVE-2013-4694] WinAmp v5.63 gen_jumpex.dll and ml_local.dll Multiple Buffer Overflows",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2013/Jul/4"
},
{
"name": "26558",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/26558"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://forums.winamp.com/showthread.php?t=364291"
},
{
"name": "winamp-cve20134694-bo(85399)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85399"
},
{
"name": "94739",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/94739"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/122239/WinAmp-5.63-Buffer-Overflow.html"
},
{
"name": "94740",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/94740"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.rcesecurity.com/2013/07/winamp-v5-64-fixes-several-code-execution-vulnerabilities-cve-2013-4694-cve-2013-4695"
},
{
"name": "1030107",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030107"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/122978"
},
{
"name": "60883",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/60883"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-4694",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in gen_jumpex.dll in Winamp before 5.64 Build 3418 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a package with a long Skin directory name. NOTE: a second buffer overflow involving a long GUI Search field to ml_local.dll was also reported. However, since it is only exploitable by the user of the application, this issue would not cross privilege boundaries unless Winamp is running under a highly restricted environment such as a kiosk."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20130701 [CVE-2013-4694] WinAmp v5.63 gen_jumpex.dll and ml_local.dll Multiple Buffer Overflows",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2013/Jul/4"
},
{
"name": "26558",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/26558"
},
{
"name": "http://forums.winamp.com/showthread.php?t=364291",
"refsource": "CONFIRM",
"url": "http://forums.winamp.com/showthread.php?t=364291"
},
{
"name": "winamp-cve20134694-bo(85399)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85399"
},
{
"name": "94739",
"refsource": "OSVDB",
"url": "http://osvdb.org/94739"
},
{
"name": "http://packetstormsecurity.com/files/122239/WinAmp-5.63-Buffer-Overflow.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/122239/WinAmp-5.63-Buffer-Overflow.html"
},
{
"name": "94740",
"refsource": "OSVDB",
"url": "http://osvdb.org/94740"
},
{
"name": "https://www.rcesecurity.com/2013/07/winamp-v5-64-fixes-several-code-execution-vulnerabilities-cve-2013-4694-cve-2013-4695",
"refsource": "MISC",
"url": "https://www.rcesecurity.com/2013/07/winamp-v5-64-fixes-several-code-execution-vulnerabilities-cve-2013-4694-cve-2013-4695"
},
{
"name": "1030107",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030107"
},
{
"name": "http://packetstormsecurity.com/files/122978",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/122978"
},
{
"name": "60883",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/60883"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-4694",
"datePublished": "2014-04-16T22:00:00",
"dateReserved": "2013-06-26T00:00:00",
"dateUpdated": "2024-08-06T16:52:27.127Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-4045 (GCVE-0-2012-4045)
Vulnerability from nvd – Published: 2012-07-22 17:00 – Updated: 2024-08-06 20:21
VLAI?
Summary
Multiple heap-based buffer overflows in bmp.w5s in Winamp before 5.63 build 3235 allow remote attackers to execute arbitrary code via the (1) strf chunk in BI_RGB or (2) UYVY video data in an AVI file, or (3) decompressed TechSmith Screen Capture Codec (TSCC) data in an AVI file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:21:04.211Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:15335",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15335"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://forums.winamp.com/showthread.php?t=345684"
},
{
"name": "46624",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46624"
},
{
"name": "54131",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/54131"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-06-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple heap-based buffer overflows in bmp.w5s in Winamp before 5.63 build 3235 allow remote attackers to execute arbitrary code via the (1) strf chunk in BI_RGB or (2) UYVY video data in an AVI file, or (3) decompressed TechSmith Screen Capture Codec (TSCC) data in an AVI file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oval:org.mitre.oval:def:15335",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15335"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://forums.winamp.com/showthread.php?t=345684"
},
{
"name": "46624",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46624"
},
{
"name": "54131",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/54131"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-4045",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple heap-based buffer overflows in bmp.w5s in Winamp before 5.63 build 3235 allow remote attackers to execute arbitrary code via the (1) strf chunk in BI_RGB or (2) UYVY video data in an AVI file, or (3) decompressed TechSmith Screen Capture Codec (TSCC) data in an AVI file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:15335",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15335"
},
{
"name": "http://forums.winamp.com/showthread.php?t=345684",
"refsource": "CONFIRM",
"url": "http://forums.winamp.com/showthread.php?t=345684"
},
{
"name": "46624",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46624"
},
{
"name": "54131",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54131"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-4045",
"datePublished": "2012-07-22T17:00:00",
"dateReserved": "2012-07-22T00:00:00",
"dateUpdated": "2024-08-06T20:21:04.211Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-3889 (GCVE-0-2012-3889)
Vulnerability from nvd – Published: 2012-07-11 10:00 – Updated: 2024-08-06 20:21
VLAI?
Summary
The in_mod plugin in Winamp before 5.63 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a .IT file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:21:04.047Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://forums.winamp.com/showthread.php?t=345684"
},
{
"name": "46624",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46624"
},
{
"name": "oval:org.mitre.oval:def:14748",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14748"
},
{
"name": "54131",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/54131"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-06-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The in_mod plugin in Winamp before 5.63 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a .IT file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://forums.winamp.com/showthread.php?t=345684"
},
{
"name": "46624",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46624"
},
{
"name": "oval:org.mitre.oval:def:14748",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14748"
},
{
"name": "54131",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/54131"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-3889",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The in_mod plugin in Winamp before 5.63 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a .IT file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://forums.winamp.com/showthread.php?t=345684",
"refsource": "CONFIRM",
"url": "http://forums.winamp.com/showthread.php?t=345684"
},
{
"name": "46624",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46624"
},
{
"name": "oval:org.mitre.oval:def:14748",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14748"
},
{
"name": "54131",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54131"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-3889",
"datePublished": "2012-07-11T10:00:00",
"dateReserved": "2012-07-10T00:00:00",
"dateUpdated": "2024-08-06T20:21:04.047Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-3890 (GCVE-0-2012-3890)
Vulnerability from nvd – Published: 2012-07-11 10:00 – Updated: 2024-08-06 20:21
VLAI?
Summary
The in_mod plugin in Winamp before 5.63 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a .IT file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:21:03.873Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://forums.winamp.com/showthread.php?t=345684"
},
{
"name": "46624",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46624"
},
{
"name": "oval:org.mitre.oval:def:15553",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15553"
},
{
"name": "54131",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/54131"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-06-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The in_mod plugin in Winamp before 5.63 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a .IT file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://forums.winamp.com/showthread.php?t=345684"
},
{
"name": "46624",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46624"
},
{
"name": "oval:org.mitre.oval:def:15553",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15553"
},
{
"name": "54131",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/54131"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-3890",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The in_mod plugin in Winamp before 5.63 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a .IT file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://forums.winamp.com/showthread.php?t=345684",
"refsource": "CONFIRM",
"url": "http://forums.winamp.com/showthread.php?t=345684"
},
{
"name": "46624",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46624"
},
{
"name": "oval:org.mitre.oval:def:15553",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15553"
},
{
"name": "54131",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54131"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-3890",
"datePublished": "2012-07-11T10:00:00",
"dateReserved": "2012-07-10T00:00:00",
"dateUpdated": "2024-08-06T20:21:03.873Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-4857 (GCVE-0-2011-4857)
Vulnerability from nvd – Published: 2011-12-16 19:00 – Updated: 2024-08-07 00:16
VLAI?
Summary
Heap-based buffer overflow in the in_mod.dll plugin in Winamp before 5.623 allows remote attackers to execute arbitrary code via crafted song message data in an Impulse Tracker (IT) file. NOTE: some of these details are obtained from third party information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:16:34.969Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://forums.winamp.com/showthread.php?t=332010"
},
{
"name": "oval:org.mitre.oval:def:15351",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15351"
},
{
"name": "winamp-it-bo(72054)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72054"
},
{
"name": "46882",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46882"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-12-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the in_mod.dll plugin in Winamp before 5.623 allows remote attackers to execute arbitrary code via crafted song message data in an Impulse Tracker (IT) file. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://forums.winamp.com/showthread.php?t=332010"
},
{
"name": "oval:org.mitre.oval:def:15351",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15351"
},
{
"name": "winamp-it-bo(72054)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72054"
},
{
"name": "46882",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46882"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-4857",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the in_mod.dll plugin in Winamp before 5.623 allows remote attackers to execute arbitrary code via crafted song message data in an Impulse Tracker (IT) file. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://forums.winamp.com/showthread.php?t=332010",
"refsource": "CONFIRM",
"url": "http://forums.winamp.com/showthread.php?t=332010"
},
{
"name": "oval:org.mitre.oval:def:15351",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15351"
},
{
"name": "winamp-it-bo(72054)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72054"
},
{
"name": "46882",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46882"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-4857",
"datePublished": "2011-12-16T19:00:00",
"dateReserved": "2011-12-16T00:00:00",
"dateUpdated": "2024-08-07T00:16:34.969Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-3834 (GCVE-0-2011-3834)
Vulnerability from nvd – Published: 2011-12-16 19:00 – Updated: 2024-08-06 23:46
VLAI?
Summary
Multiple integer overflows in the in_avi.dll plugin in Winamp before 5.623 allow remote attackers to execute arbitrary code via an AVI file with a crafted value for (1) the number of streams or (2) the size of the RIFF INFO chunk, leading to a heap-based buffer overflow.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:46:03.099Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2011-81/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://forums.winamp.com/showthread.php?t=332010"
},
{
"name": "oval:org.mitre.oval:def:14981",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14981"
},
{
"name": "46882",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46882"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-12-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in the in_avi.dll plugin in Winamp before 5.623 allow remote attackers to execute arbitrary code via an AVI file with a crafted value for (1) the number of streams or (2) the size of the RIFF INFO chunk, leading to a heap-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2011-81/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://forums.winamp.com/showthread.php?t=332010"
},
{
"name": "oval:org.mitre.oval:def:14981",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14981"
},
{
"name": "46882",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46882"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2011-3834",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple integer overflows in the in_avi.dll plugin in Winamp before 5.623 allow remote attackers to execute arbitrary code via an AVI file with a crafted value for (1) the number of streams or (2) the size of the RIFF INFO chunk, leading to a heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://secunia.com/secunia_research/2011-81/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2011-81/"
},
{
"name": "http://forums.winamp.com/showthread.php?t=332010",
"refsource": "CONFIRM",
"url": "http://forums.winamp.com/showthread.php?t=332010"
},
{
"name": "oval:org.mitre.oval:def:14981",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14981"
},
{
"name": "46882",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46882"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2011-3834",
"datePublished": "2011-12-16T19:00:00",
"dateReserved": "2011-09-26T00:00:00",
"dateUpdated": "2024-08-06T23:46:03.099Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-2586 (GCVE-0-2010-2586)
Vulnerability from nvd – Published: 2010-12-02 16:00 – Updated: 2024-08-07 02:39
VLAI?
Summary
Multiple integer overflows in in_nsv.dll in the in_nsv plugin in Winamp before 5.6 allow remote attackers to execute arbitrary code via a crafted Table of Contents (TOC) in a (1) NSV stream or (2) NSV file that triggers a heap-based buffer overflow.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:39:37.704Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "42004",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42004"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://forums.winamp.com/showthread.php?threadid=159785"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://forums.winamp.com/showthread.php?t=324322"
},
{
"name": "20101201 Secunia Research: Winamp NSV Table of Contents Parsing Integer Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/514962/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2010-127/"
},
{
"name": "oval:org.mitre.oval:def:12587",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12587"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-11-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in in_nsv.dll in the in_nsv plugin in Winamp before 5.6 allow remote attackers to execute arbitrary code via a crafted Table of Contents (TOC) in a (1) NSV stream or (2) NSV file that triggers a heap-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"name": "42004",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42004"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://forums.winamp.com/showthread.php?threadid=159785"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://forums.winamp.com/showthread.php?t=324322"
},
{
"name": "20101201 Secunia Research: Winamp NSV Table of Contents Parsing Integer Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/514962/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2010-127/"
},
{
"name": "oval:org.mitre.oval:def:12587",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12587"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2010-2586",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple integer overflows in in_nsv.dll in the in_nsv plugin in Winamp before 5.6 allow remote attackers to execute arbitrary code via a crafted Table of Contents (TOC) in a (1) NSV stream or (2) NSV file that triggers a heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "42004",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42004"
},
{
"name": "http://forums.winamp.com/showthread.php?threadid=159785",
"refsource": "CONFIRM",
"url": "http://forums.winamp.com/showthread.php?threadid=159785"
},
{
"name": "http://forums.winamp.com/showthread.php?t=324322",
"refsource": "CONFIRM",
"url": "http://forums.winamp.com/showthread.php?t=324322"
},
{
"name": "20101201 Secunia Research: Winamp NSV Table of Contents Parsing Integer Overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/514962/100/0/threaded"
},
{
"name": "http://secunia.com/secunia_research/2010-127/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2010-127/"
},
{
"name": "oval:org.mitre.oval:def:12587",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12587"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2010-2586",
"datePublished": "2010-12-02T16:00:00",
"dateReserved": "2010-07-01T00:00:00",
"dateUpdated": "2024-08-07T02:39:37.704Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}