Winamp < 5.64 Multiple Vulnerabilities
High Nessus Plugin ID 67207
SynopsisThe remote Windows host contains a multimedia application that is affected by multiple vulnerabilities.
DescriptionThe remote host is running Winamp, a media player for Windows.
The version of Winamp installed on the remote host is earlier than 5.64 and is, therefore, reportedly affected by the following vulnerabilities :
- A buffer overflow exists in the 'ml_local.dll' when passed GUI search fields.
- A buffer overflow exists in the 'gen_jumpex.dll' when handling Skins directory names.
- Invalid pointer dereference vulnerabilities exist in the 'gen_ff.dll' library when loading the links.xml.
Successful exploitation can allow arbitrary code execution.
SolutionUpgrade to Winamp 5.64 (126.96.36.19918) or later.