Integer Overflow Vulnerability in Winamp Plugin
CVE-2011-3834

Currently unrated

Key Information:

Vendor

Nullsoft

Status
Winamp
Vendor
CVE Published:
16 December 2011

What is CVE-2011-3834?

The in_avi.dll plugin in Winamp prior to version 5.623 contains multiple integer overflow vulnerabilities that can be exploited by remote attackers. By crafting specific AVI files, attackers can manipulate the number of streams or the size of the RIFF INFO chunk. This manipulation may lead to a heap-based buffer overflow, allowing for arbitrary code execution on the affected system, putting users at significant risk. It is crucial to apply updates to mitigate potential exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/secunia_research/2011-81/
x_refsource_MISC
http://forums.winamp.com/showthread.php?t=332010
x_refsource_CONFIRM
https://oval.cisecurity.org/repository/search/definition/...
vdb-entrysignaturex_refsource_OVAL

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.