Winamp < 5.59 build 3033 Multiple Vulnerabilities
High Nessus Plugin ID 50379
SynopsisThe remote Windows host contains a multimedia application that is affected by multiple vulnerabilities.
DescriptionThe remote host is running Winamp, a media player for Windows.
The version of Winamp installed on the remote host is earlier than 5.59 build 3033. Such versions are potentially affected by multiple vulnerabilities :
- Winamp loads libraries in an insecure manner. (CVE-2010-3137)
- An integer overflow vulnerability exists in the 'in_mkv.dll' plugin when parsing MKV content.
- A heap-based buffer overflow vulnerability exists in the 'in_midi.dll' plugin when parsing MIDI content.
- A stack-based buffer overflow vulnerability exists in the 'in_mod.dll' plugin when parsing Multitracker Module files.
- A heap-based buffer overflow vulnerability exists in the 'in_nsv.dll' plugin when parsing NSV content.
- A heap-based buffer overflow vulnerability exists when parsing VP6 video content.
SolutionUpgrade to Winamp 5.59 build 3033 or later.