vendor:
Winamp
by:
data$hack
7.5
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: Winamp
Affected Version From: 2.18
Affected Version To: 2.18
Patch Exists: YES
Related CWE: CVE-2009-1350
CPE: 2.3:a:nullsoft:winamp:2.18
Metasploit:
N/A
Other Scripts:
https://www.infosecmatter.com/nessus-plugin-library/?id=36103, https://www.infosecmatter.com/metasploit-module-library/?mm=exploit/windows/smb/netidentity_xtierrpcpipe, https://www.infosecmatter.com/nessus-plugin-library/?id=137170, https://www.infosecmatter.com/list-of-metasploit-windows-exploits-detailed-spreadsheet/, https://www.infosecmatter.com/nessus-plugin-library/?id=62580, https://www.infosecmatter.com/nessus-plugin-library/?id=62579, https://www.infosecmatter.com/nessus-plugin-library/?id=57770
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP Pro SP2
2009
Buffer Overflow Exploit in Winamp 2.18
This exploit is a buffer overflow vulnerability in Winamp 2.18. It is triggered when a specially crafted .m3u file is opened in Winamp. The exploit overwrites the EIP register with a jump to the shellcode, which is then executed.
Mitigation:
Upgrade to the latest version of Winamp