Denial of Service Vulnerability in Winamp's MKV Plugin
CVE-2010-4374

Currently unrated

Key Information:

Vendor: Nullsoft
Status: Winamp
Vendor: CVE Published:; 2 December 2010

What is CVE-2010-4374?

The in_mkv plugin in Winamp prior to version 5.6 is susceptible to a denial of service attack. By crafting a malicious MKV file containing an exceptionally long string, remote attackers can exploit this vulnerability, leading to an application crash. Users of Winamp should take caution when handling MKV files from untrusted sources to avoid potential disruptions.

References

http://forums.winamp.com/showthread.php?threadid=159785

x_refsource_CONFIRM

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://forums.winamp.com/showthread.php?t=324322

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 2, 2010
Vulnerability Reserved
Dec 2, 2010

Nullsoft

What is CVE-2010-4374?

References

Timeline