Denial of Service Vulnerability in Winamp's in_mp4 Plugin
CVE-2010-4373

Currently unrated

Key Information:

Vendor: Nullsoft
Status: Winamp
Vendor: CVE Published:; 2 December 2010

What is CVE-2010-4373?

The in_mp4 plugin in Winamp prior to version 5.6 is susceptible to a denial of service vulnerability. Attackers can exploit this flaw by creating specially crafted MP4 files that include either malformed metadata or improperly formatted album art. When these files are processed by Winamp, the application may crash, leading to service disruption for the user. This vulnerability highlights the importance of ensuring media files are secured against malicious modifications to prevent unexpected application behavior.

References

http://forums.winamp.com/showthread.php?threadid=159785

x_refsource_CONFIRM

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://forums.winamp.com/showthread.php?t=324322

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 2, 2010
Vulnerability Reserved
Dec 2, 2010

Nullsoft

What is CVE-2010-4373?

References

Timeline