icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons

Winamp < 5.64 Multiple Vulnerabilities

High

Synopsis

The remote host has a media player installed that is vulnerable to multiple attack vectors

Description

The remote host is running Winamp, a media player for Windows. Versions of Winamp earlier than 5.64 are potentially affected by the following overflow vulnerabilities :

- A buffer overflow exists in the 'ml_local.dll' when passed GUI search fields.

- A buffer overflow exists in the 'gen_jumpex.dll' when handling Skins directory names.

- Invalid pointer dereference vulnerabilities exist in the 'gen_ff.dll' library when loading the links.xml.

Successful exploitation can allow arbitrary code execution

Solution

Upgrade to Winamp 5.64 (5.6.4.3418) or later.