Heap-based Buffer Overflow in Winamp Plugin Affects Users
CVE-2011-4857

Currently unrated

Key Information:

Vendor

Nullsoft

Status
Winamp
Vendor
CVE Published:
16 December 2011

What is CVE-2011-4857?

A vulnerability exists in the in_mod.dll plugin for Winamp, prior to version 5.623, which may allow remote attackers to execute arbitrary code by sending specially crafted message data within an Impulse Tracker (IT) file. This exploitation method targets the memory heap, leading to unpredictable behavior and potential system compromise.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://forums.winamp.com/showthread.php?t=332010
x_refsource_CONFIRM
https://oval.cisecurity.org/repository/search/definition/...
vdb-entrysignaturex_refsource_OVAL
https://exchange.xforce.ibmcloud.com/vulnerabilities/72054
vdb-entryx_refsource_XF

EPSS Score

7% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.