Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Winamp < 5.622 Multiple Vulnerabilities

High

Synopsis

The remote host has a media player installed that is vulnerable to multiple attack vectors.

Description

The remote host is running Winamp, a media player for Windows.

Versions of Winamp earlier than 5.622 are potentially affected by the following overflow vulnerabilities :

- A heap-based buffer overflow exists in the plugin in_midi.dll when processing the iOffsetMusic value in the Creative Music Format (CMF) header.

- A heap-based buffer overflow exists in the plugin in_mod.dll when processing the channels value in the Advanced Module Format (AMF) header.

- A heap-based buffer overflow exists in the plugin in_nsv.dll when processing the toc_alloc value in the Nullsoft Streaming Video (NSF) header.

- Integer overflow errors exist in the TSCC RGB and YUV decoders.

Solution

Upgrade to Winamp 5.622 or later.