Buffer Overflow Vulnerability in Winamp Audio Player
CVE-2009-0263

Currently unrated

Key Information:

Vendor

Nullsoft

Status
Winamp
Vendor
CVE Published:
23 January 2009

What is CVE-2009-0263?

Winamp, a popular audio player, is susceptible to multiple buffer overflow vulnerabilities in version 5.541 and earlier. These vulnerabilities can be exploited by remote attackers through specially crafted AIFF and MP3 files. An attacker can modify a Common Chunk (COMM) header value in an AIFF file or introduce a large invalid value in an MP3 file, potentially leading to a denial of service condition or arbitrary code execution on the impacted system.

References

https://oval.cisecurity.org/repository/search/definition/...
vdb-entrysignaturex_refsource_OVAL
http://www.vupen.com/english/advisories/2009/0113
vdb-entryx_refsource_VUPEN
http://www.securityfocus.com/bid/33226
vdb-entryx_refsource_BID

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.