Winamp < 5.666 Multiple Memory Corruptions
Medium Nessus Plugin ID 71787
SynopsisThe remote Windows host contains a multimedia application that is affected by multiple memory corruption vulnerabilities.
DescriptionThe remote host is running Winamp, a media player for Windows. The version of Winamp installed on the remote host is a version prior to 5.666. It is, therefore, reportedly affected by the following vulnerabilities :
- A memory corruption error exists in 'in_midi.dll' when processing specially crafted '.kar' files.
- A memory corruption error exists in 'libmp4v2.dll' due to a NULL pointer dereference when processing specially crafted files.
An attacker could exploit these vulnerabilities to cause a denial of service.
SolutionUpgrade to Winamp 5.666 (184.108.40.20616) or later.