Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Winamp < 5.63 Multiple Vulnerabilities



The remote host has a media player installed that is vulnerable to multiple attack vectors


The remote host is running Winamp, a media player for Windows. Versions of Winamp earlier than 5.63 are potentially affected by the following overflow vulnerabilities :

- A memory corruption error exists in 'in_mod.dll' related to input validation when handling 'Impulse Tracker' (IT) files.

- Heap-based buffer overflows exist related to 'bmp.w5s' when handling 'BI_RGB' and 'UYVY' data in AVI files. Processing decompressed TechSmith Screen Capture Codec (TSCC) data in AVI files can also trigger a heap-based buffer overflow.

Successful exploitation can allow arbitrary code execution.


Upgrade to Winamp 5.63 ( or later.