Winamp 5.572 local buffer overflow EIP and SEH DEP bypass exploit.
fb782d54f780e79c14f53a9397d02e994ff5fa0e7fa8279c9d55629976d69269Winamp version 5.13 suffers from an exception handling vulnerability that can result in a denial of service condition.
2127aabbcaa4db304cf0c119fce2dc6c3fd0e678df17d3ddab23e717e65636b1Zero Day Initiative Advisory 12-098 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of America Online's Toolbar, Desktop, IM, and winamp. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the dnUpdater ActiveX Control. When initializing the ActiveX control object, dnu.exe assumes the 5th argument being used for the Init() method, to be a legitimate pointer to a function. This vulnerability can be leveraged to execute code under the context of the user.
a43f556f3d5f1fb2f42adb830bd5d07dc569dc14ea9ec83ad846c3de1fe60ccbSecunia Security Advisory - Multiple vulnerabilities have been reported in Winamp, which can be exploited by malicious people to compromise a user's system.
d8e4f35c4fbabe7b3b8f430d6f1ef2314112d9e7c1807792c432800ef31af6a4Secunia Research has discovered two vulnerabilities in Winamp version 5.622, which can be exploited by malicious people to compromise a user's system. An integer overflow error in the in_avi.dll plugin when allocating memory using the number of streams header value can be exploited to cause a heap-based buffer overflow via a specially crafted AVI file. An integer overflow error in the in_avi.dll plugin when allocating memory using the RIFF INFO chunk's size value can be exploited to cause a heap-based buffer overflow via a specially crafted AVI file.
86c5793878c1f8e344414a71231e48221830efa8d32e47599710d676f1c3ff5dSecunia Security Advisory - Multiple vulnerabilities have been discovered in Winamp, which can be exploited by malicious people to compromise a user's system.
615afc6964b598c79bbb20ac4257ffbb84351b2c10d0a8ebef7bd83e8118c9a3Secunia Security Advisory - Hossein Lotfi has discovered some vulnerabilities in Winamp, which can be exploited by malicious people to compromise a user's system.
ccdca99aeeaa82b914c541c1379566bbe0ba4fb13e8e6547cc83c16cd38710e1Winamp versions 5.61 and below suffer from multiple heap overflow vulnerabilities.
0f2a78b4aac0afcb240d087a9fde529d8e28496927a3ddde83f0f2d6fba82506Winamp versions 5.61 and below suffer from multiple heap overflows and corruption and an integer overflow. Proof of concept code included.
23df304bc95256e399de1584a4c2057c6c417d43ffde347c35effa2a74e84e08Secunia Security Advisory - Luigi Auriemma has discovered a vulnerability in Winamp Essentials Pack, which can be exploited by malicious people to potentially compromise a user's system.
bb1b3c84a23dbb042ad2b784630dd4f0755a81ffc9bed5ef6ac4c448c6efde6eSecunia Security Advisory - Luigi Auriemma has discovered multiple vulnerabilities in Winamp, which can be exploited by malicious people to potentially compromise a user's system.
5fec86c28aced98338ede35504e07c2670a77b97235b380a5ba48ab9710929ceSecunia Security Advisory - Alexander Gavrun has discovered a vulnerability in Winamp, which can be exploited by malicious people to compromise a user's system.
1b81d4bf7f2645bba055cce2682a81346ec892113e638d0b765e68ff07758372Winamp version 5.61 suffers from an in_midi component heap overflow vulnerability. Crash proof of concept included.
4e587b2065afe9000d5eadcffc9ee680db5536ffe5b1558ebc5d6f888035f8f8Winamp version 5.6.1 remote command execution exploit that creates a malicious .pls file which downloads http://127.0.0.1:8888/ked/k.exe and executes it.
951cfcd795431f472714b27715c7498a8c271c5442fc74020bf46e76bcfd93c4Winamp versions 5.6.1 and below denial of service exploit that creates a malicious .au file.
1093736eb6916886f123f020cd47b6de1b3bc2e092a5d7c3d45937d0657f9882This Metasploit module exploits a stack buffer overflow in Winamp versions 5.6. and below.
fabf211b3b506c551c2e8279623e0cc08abb01c2f42086093e1fc4ca1b63808aWinamp versions 5.6.1 and below .m3u8 file stack buffer overflow exploit.
014341a21e6db3c2879ad11fed51ffede42c5d72a9ad4acb04bded3c670cb393Winamp versions 5.6.1 and below Install Language SEH overflow exploit.
3c232be98852803324a77a65c0b794bf06e43d7e91abd9b055dbee63cf79186dWinamp version 5.61 .avi file denial of service proof of concept exploit.
d7eded42258ccb7867ed395d6417cc61e79d5258f8a9c0196eae0fa65812e8baWinamp version 5.5.8 in_mod plugin stack overflow exploit with SEH overwrite.
feb72f893ce8d6647ab5b6fcb31efa8b6cd25c2d5a9cdcc6f0d2372519799bccWinamp version 5.581 suffers from an issue where a MIDI file format parsing vulnerability exists in the in_midi plugin and can be exploited with a specially crafted input file. The plugin suffers from an integer wrapping flaw which leads to a heap overflow. If an attacker is able to entice the user to open a malicious file, successful exploitation leads to code being executed in the context of the logged in user.
a8b8f3e3e25c067189ac39da517a2ec77d8b99282a4a9bfc5fe1ba596e26901dSecunia Security Advisory - A vulnerability with an unknown impact has been reported in Winamp.
fe0212a238fc451f624ed1ea5b3aee8226541457564d0910225f66884758cc52Winamp versions 5.6 and 5.5.81 suffer from an arbitrary code execution vulnerability in their MIDI parser.
6f22772bf5ad2a66e10ae1f6c6493f376514c549ca7824e2f1f3c68d4d85234cSecunia Research has discovered a vulnerability in Winamp, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by an integer overflow error in the "in_nsv.dll" plugin when parsing the Table of Contents. This can be exploited to cause a heap-based buffer overflow via a specially crafted NSV stream or file. Successful exploitation allows execution of arbitrary code.
0e11ad9228e8586e68caa98094db7b108049945b5e471bad6d6329da58669380Secunia Security Advisory - Multiple vulnerabilities have been reported in Winamp, which can be exploited by malicious people to compromise a user's system.
a3abdd580ee7fc9aa985fd2b918f6e6faee82313be86a117e9b2ff6026cff05fSecunia Research has discovered a vulnerability in Winamp, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused by an error in the VP6 codec (vp6.w5s) when parsing VP6 video content. This can be exploited to cause a heap-based buffer overflow via a specially crafted media file or stream. Successful exploitation may allow execution of arbitrary code. Version 5.581 is affected.
589a067f3f1289bab05e944bfaf2f2cc31e132d0938bcb4b2965adc396c3972b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed