Detections
Analytics

Winamp < 5.622 Multiple Vulnerabilities

high Nessus Network Monitor Plugin ID 6056

Synopsis

The remote host has a media player installed that is vulnerable to multiple attack vectors.

Description

The remote host is running Winamp, a media player for Windows.

Versions of Winamp earlier than 5.622 are potentially affected by the following overflow vulnerabilities :

- A heap-based buffer overflow exists in the plugin in_midi.dll when processing the iOffsetMusic value in the Creative Music Format (CMF) header.

 - A heap-based buffer overflow exists in the plugin in_mod.dll when processing the channels value in the Advanced Module Format (AMF) header.

 - A heap-based buffer overflow exists in the plugin in_nsv.dll when processing the toc_alloc value in the Nullsoft Streaming Video (NSF) header.

 - Integer overflow errors exist in the TSCC RGB and YUV decoders.

Solution

Upgrade to Winamp 5.622 or later.

See Also

http://forums.winamp.com/showthread.php?t=332010

Plugin Details

Severity: High

ID: 6056

Family: Generic

Published: 10/31/2011

Updated: 3/6/2019

Nessus ID: 56681

Vulnerability Information

Patch Publication Date: 10/26/2011

Vulnerability Publication Date: 10/26/2011

Reference Information

BID: 50387