Winamp < 5.622 Multiple Vulnerabilities
High Nessus Plugin ID 56681
SynopsisThe remote Windows host contains a multimedia application that is affected by multiple vulnerabilities.
DescriptionThe remote host is running Winamp, a media player for Windows.
The version of Winamp installed on the remote host is earlier than 5.622 and is affected by the following overflow vulnerabilities :
- A heap-based buffer overflow exists in the plugin 'in_midi.dll' when processing the 'iOffsetMusic' value in the 'Creative Music Format' (CMF) header.
- A heap-based buffer overflow exists in the plugin 'in_mod.dll' when processing the 'channels' value in the 'Advanced Module Format' (AMF) header.
- A heap-based buffer overflow exists in the plugin 'in_nsv.dll' when processing the 'toc_alloc' value in the 'Nullsoft Streaming Video' (NSF) header.
- Integer overflow errors exist in the 'TSCC', 'RGB', and 'YUV' decoders.
SolutionUpgrade to Winamp 5.622 or later.