WinAmp version 5.63 buffer overflow exploit that leverages how skins are handled incorrectly.
b7b8323d0f2912432388831222006fc44f18caa39d9dfcb7d498e1994fe67ee5
WinAmp version 5.63 suffers from a stack-based buffer overflow vulnerability. The application loads the directories in %PROGRAMFILES%\WinAmp\Skins on startup to determine the skins that have been installed and to list them in the application menu point "Skins" and in the Skins Browser. But the application does not properly validate the length of the directory name before passing it as argument to a lstrcpynW call in the library gen_jumpex.dll, which leads to a buffer overflow condition with possible code execution.
a76ea933b9df26a37cc6888564494cffff7f2cecd9238e9b31fca155cae86ed4