Winamp < 5.622 Multiple Vulnerabilities
High Nessus Network Monitor Plugin ID 6056
SynopsisThe remote host has a media player installed that is vulnerable to multiple attack vectors.
DescriptionThe remote host is running Winamp, a media player for Windows.
Versions of Winamp earlier than 5.622 are potentially affected by the following overflow vulnerabilities :
- A heap-based buffer overflow exists in the plugin in_midi.dll when processing the iOffsetMusic value in the Creative Music Format (CMF) header.
- A heap-based buffer overflow exists in the plugin in_mod.dll when processing the channels value in the Advanced Module Format (AMF) header.
- A heap-based buffer overflow exists in the plugin in_nsv.dll when processing the toc_alloc value in the Nullsoft Streaming Video (NSF) header.
- Integer overflow errors exist in the TSCC RGB and YUV decoders.
SolutionUpgrade to Winamp 5.622 or later.