Winamp 5.666 and earlier allows remote attackers to cause a denial of service (memory corruption and crash) via a malformed .FLV file, related to f263.w5s.
Max CVSS
4.3
EPSS Score
2.08%
Published
2014-05-23
Updated
2017-08-29
Stack-based buffer overflow in gen_jumpex.dll in Winamp before 5.64 Build 3418 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a package with a long Skin directory name. NOTE: a second buffer overflow involving a long GUI Search field to ml_local.dll was also reported. However, since it is only exploitable by the user of the application, this issue would not cross privilege boundaries unless Winamp is running under a highly restricted environment such as a kiosk.
Max CVSS
7.5
EPSS Score
19.08%
Published
2014-04-16
Updated
2017-08-29
The in_mod plugin in Winamp before 5.63 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a .IT file.
Max CVSS
6.8
EPSS Score
0.54%
Published
2012-07-11
Updated
2017-09-19
The in_mod plugin in Winamp before 5.63 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a .IT file.
Max CVSS
6.8
EPSS Score
0.54%
Published
2012-07-11
Updated
2017-09-19
The in_mkv plugin in Winamp before 5.6 allows remote attackers to cause a denial of service (application crash) via a Matroska Video (MKV) file containing a string with a crafted length.
Max CVSS
4.3
EPSS Score
0.45%
Published
2010-12-02
Updated
2017-09-19
The in_mp4 plugin in Winamp before 5.6 allows remote attackers to cause a denial of service (application crash) via crafted (1) metadata or (2) albumart in an invalid MP4 file.
Max CVSS
4.3
EPSS Score
0.45%
Published
2010-12-02
Updated
2017-09-19
Multiple buffer overflows in Winamp 5.541 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a large Common Chunk (COMM) header value in an AIFF file and (2) a large invalid value in an MP3 file.
Max CVSS
10.0
EPSS Score
90.84%
Published
2009-01-23
Updated
2017-10-19
7 vulnerabilities found