Remote Memory Corruption Vulnerability in Winamp by Nullsoft
CVE-2014-3442

Currently unrated

Key Information:

Vendor: Nullsoft
Status: Winamp
Vendor: CVE Published:; 23 May 2014

What is CVE-2014-3442?

Winamp, a popular media player by Nullsoft, is susceptible to a denial of service attack due to a vulnerability that arises from memory corruption. Specifically, an attacker can leverage a specially crafted .FLV file, causing the application to crash. This vulnerability stems from the improper handling of the file format, allowing remote attackers to disrupt service availability by targeting unsuspecting users.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/93173

vdb-entryx_refsource_XF

http://packetstormsecurity.com/files/126636

x_refsource_MISC

http://www.securityfocus.com/bid/67429

vdb-entryx_refsource_BID

EPSS Score

11% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 23, 2014
Vulnerability Reserved
May 9, 2014