[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*


oval:org.secpod.oval:def:60389
The host is installed with Winamp through 5.63 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to validate the length of the string loaded from the "link name" and "home url" keys before using them in a pointer call in the library gen_ff.d ...

oval:org.mitre.oval:def:1402
Buffer overflow in Nullsoft Winamp 5.11 or 5.12 allows remote attackers to execute arbitrary code via a playlist (pls) file with a long file name (File1 field).

oval:org.secpod.oval:def:3498
The host is installed with Winamp before 5.623 and is prone to a heap based buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted song message data in an Impulse Tracker file. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:6726
The host is installed with Winamp before 5.63 build 3235 and is prone to multiple heap-based buffer overflow vulnerabilities. The flaws are present in the application, which fails to handle bmp.w5s when processing decompressed TechSmith Screen Capture Codec (TSCC) data within AVI files. Successful e ...

oval:org.secpod.oval:def:6724
The host is installed with Winamp before 5.63 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the in_mod plugin. Successful exploitation allows attackers to cause heap memory corruption or possibly have unspecified other impact.

oval:org.secpod.oval:def:6725
The host is installed with Winamp before 5.63 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to handle in_mod plugin. Successful exploitation allows attackers to cause a denial of service or possibly have unspecified other impact via a .IT file.

oval:org.secpod.oval:def:17478
The host is installed with Winamp before 5.64 build 3418 and is prone to a stack-based buffer overflow vulnerability. A flaw is present in the application, which fails to handle package with a long skin directory name. Successful exploitation allows remote attackers to cause a denial of service (cra ...

oval:org.secpod.oval:def:3499
The host is installed with Winamp before 5.623 and is prone to multiple integer overflow vulnerabilities. The flaws are present in the application, which fail to handle an AVI file with a crafted value for (1) the number of streams or (2) the size of the RIFF INFO chunk. Successful exploitation cou ...

oval:org.secpod.oval:def:16676
The host is installed with Winamp 5.21, 5.5 or 5.51 and is prone to multiple stack-based buffer overflow vulnerabilities. The flaws are present in the application, which fails to handle a long artist or name tag in Ultravox streaming metadata. Successful exploitation allows attackers to execute arbi ...

oval:org.secpod.oval:def:16679
The host is installed with Winamp 5.55 or 5.541 and is prone to integer overflow vulnerability. A flaw is present in the application, which fails to handle crafted description chunks in a CAF audio file. Successful exploitation allows attackers to execute arbitrary code.

oval:org.secpod.oval:def:16677
The host is installed with Winamp before 5.24 and is prone to arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly verify the authenticity of updates. Successful exploitation allows man-in-the-middle attackers to execute arbitrary code via a Trojan ho ...

oval:org.secpod.oval:def:16678
The host is installed with Winamp before 5.541 and is prone to Cross-zone scripting vulnerability. A flaw is present in the application, which fails to handle MP3 file with JavaScript in id3 tags. Successful exploitation allows attackers to conduct cross-site scripting (XSS) attacks.

oval:org.secpod.oval:def:49
The host is installed with Winamp 5.6 or earlier version and is prone to buffer overflow vulnerability. A flaw is present in in_mod plugin, which fails to properly handle comment box. Successful exploitation allows remote attackers to cause a buffer overflow condition.

oval:org.secpod.oval:def:48
The host is installed with Winamp 5.6 or earlier version and is prone to integer overflow vulnerability. A flaw is present in in_nsv plugin, which fails to properly allocate memory for NSV metadata. Successful exploitation allows remote attackers to cause an integer to overflow.

oval:org.secpod.oval:def:47
The host is installed with Winamp 5.6 or earlier version and is prone to denial of service vulnerability. A flaw is present in in_mkv plugin, which fails to properly read a string that is exactly SIZE_MAX bytes. Successful exploitation allows remote attackers to crash the application using a Matrosk ...

oval:org.secpod.oval:def:46
The host is installed with Winamp 5.6 or earlier version and is prone to denial of service vulnerability. A flaw is present in in_mp4 plugin, which fails to properly handle a metadata or albumart in an MP4 file. Successful exploitation allows remote attackers to crash the application using an invali ...

oval:org.mitre.oval:def:12056
Multiple heap-based buffer overflows in vp6.w5s (aka the VP6 codec) in Winamp before 5.59 Beta build 3033 might allow remote attackers to execute arbitrary code via a crafted VP6 (1) video file or (2) video stream.

oval:org.secpod.oval:def:41286
The host is installed with Winamp through 5.666 Build 3516 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted .flv file. Successful exploitation allows remote attackers to cause a denial of service (crash) and possibly ex ...

oval:org.secpod.oval:def:41287
The host is installed with Winamp through 5.666 Build 3516 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted .flv file. Successful exploitation allows remote attackers to cause a denial of service (crash) and possibly ex ...

oval:org.secpod.oval:def:41284
The host is installed with Winamp through 5.666 Build 3516 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted .flv file. Successful exploitation allows remote attackers to cause a denial of service (crash) and possibly ex ...

oval:org.secpod.oval:def:41285
The host is installed with Winamp through 5.666 Build 3516 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted .flv file. Successful exploitation allows remote attackers to cause a denial of service (crash) and possibly ex ...

oval:org.secpod.oval:def:16686
The host is installed with Winamp before 5.57 and is prone to heap-based buffer overflow vulnerability. The flaws are present in the application, which fails to handle an Ultratracker file. Successful exploitation allows attackers to execute arbitrary code.

oval:org.secpod.oval:def:16687
The host is installed with Winamp before 5.57 and is prone to integer overflow vulnerability. A flaw is present in the application, which fails to handle an Oktalyzer file. Successful exploitation allows attackers to execute arbitrary code.

oval:org.secpod.oval:def:16684
The host is installed with Winamp before 5.552 and is prone to buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted MAKI file. Successful exploitation allows attackers to execute arbitrary code.

oval:org.secpod.oval:def:16685
The host is installed with Winamp before 5.57 and is prone to multiple heap-based buffer overflow vulnerabilities. The flaws are present in the application, which fails to handle crafted samples or crafted instrument definitions in an Impulse Tracker file. Successful exploitation allows attackers to ...

oval:org.secpod.oval:def:16688
The host is installed with Winamp before 5.57 and is prone to multiple integer-based buffer overflow vulnerabilities. The flaws are present in the application, which fails to handle malformed JPEG or PNG data in an MP3 file. Successful exploitation allows attackers to execute arbitrary code.

oval:org.secpod.oval:def:16682
The host is installed with Winamp before 5.56 and is prone to heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to handle a VOC file with an invalid header value. Successful exploitation allows attackers to execute arbitrary code.

oval:org.secpod.oval:def:16683
The host is installed with Winamp before 5.56 and is prone to heap-based buffer overflow vulnerability. The flaws are present in the application, which fails to handle an AIFF file with an invalid header value. Successful exploitation allows attackers to execute arbitrary code.

oval:org.secpod.oval:def:16680
The host is installed with Winamp before 5.55 and is prone to multiple stack-based buffer overflow vulnerabilities. The flaws are present in the application, which fails to handle a large Common Chunk (COMM) header value in an AIFF file and a large invalid value in an MP3 file. Successful exploitati ...

oval:org.secpod.oval:def:16681
The host is installed with Winamp 5.541 and is prone to heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to handle gen_msn.dll in the gen_msn plugin 0.31. Successful exploitation allows attackers to execute arbitrary code.

oval:org.mitre.oval:def:6874
Untrusted search path vulnerability in Nullsoft Winamp 5.581, and probably other versions, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wnaspi32.dll that is located in the same folder as a .669, .aac, .aiff, .amf, . ...

oval:org.mitre.oval:def:6897
Winamp is installed (32-bit)

oval:org.secpod.oval:def:51
The host is installed with Winamp 5.6 or earlier version and is prone to multiple integer overflow vulnerabilities. The flaws are present in in_nsv plugin, which fails to parse the Table of Contents (TOC) correctly. Successful exploitation allow remote attackers to execute arbitrary code using sn NS ...

oval:org.secpod.oval:def:50
The host is installed with Winamp 5.6 or earlier version and is prone to multiple integer overflow vulnerabilities. The flaws are present in in_midi plugin, which fails to handle invalid MIDI files. Successful exploitation allow remote attackers to trigger an integer overflow condition.

oval:org.secpod.oval:def:90724
Updates available for Winamp.

*CPE
cpe:/a:nullsoft:winamp:::x86

© SecPod Technologies