Download
| Alert*
|
oval:org.secpod.oval:def:3498
The host is installed with Winamp before 5.623 and is prone to a heap based buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted song message data in an Impulse Tracker file. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:3499 The host is installed with Winamp before 5.623 and is prone to multiple integer overflow vulnerabilities. The flaws are present in the application, which fail to handle an AVI file with a crafted value for (1) the number of streams or (2) the size of the RIFF INFO chunk. Successful exploitation cou ... oval:org.secpod.oval:def:16677 The host is installed with Winamp before 5.24 and is prone to arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly verify the authenticity of updates. Successful exploitation allows man-in-the-middle attackers to execute arbitrary code via a Trojan ho ... oval:org.secpod.oval:def:16678 The host is installed with Winamp before 5.541 and is prone to Cross-zone scripting vulnerability. A flaw is present in the application, which fails to handle MP3 file with JavaScript in id3 tags. Successful exploitation allows attackers to conduct cross-site scripting (XSS) attacks. oval:org.secpod.oval:def:49 The host is installed with Winamp 5.6 or earlier version and is prone to buffer overflow vulnerability. A flaw is present in in_mod plugin, which fails to properly handle comment box. Successful exploitation allows remote attackers to cause a buffer overflow condition. oval:org.secpod.oval:def:48 The host is installed with Winamp 5.6 or earlier version and is prone to integer overflow vulnerability. A flaw is present in in_nsv plugin, which fails to properly allocate memory for NSV metadata. Successful exploitation allows remote attackers to cause an integer to overflow. oval:org.secpod.oval:def:47 The host is installed with Winamp 5.6 or earlier version and is prone to denial of service vulnerability. A flaw is present in in_mkv plugin, which fails to properly read a string that is exactly SIZE_MAX bytes. Successful exploitation allows remote attackers to crash the application using a Matrosk ... oval:org.secpod.oval:def:46 The host is installed with Winamp 5.6 or earlier version and is prone to denial of service vulnerability. A flaw is present in in_mp4 plugin, which fails to properly handle a metadata or albumart in an MP4 file. Successful exploitation allows remote attackers to crash the application using an invali ... oval:org.secpod.oval:def:16684 The host is installed with Winamp before 5.552 and is prone to buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted MAKI file. Successful exploitation allows attackers to execute arbitrary code. oval:org.secpod.oval:def:16680 The host is installed with Winamp before 5.55 and is prone to multiple stack-based buffer overflow vulnerabilities. The flaws are present in the application, which fails to handle a large Common Chunk (COMM) header value in an AIFF file and a large invalid value in an MP3 file. Successful exploitati ... oval:org.secpod.oval:def:51 The host is installed with Winamp 5.6 or earlier version and is prone to multiple integer overflow vulnerabilities. The flaws are present in in_nsv plugin, which fails to parse the Table of Contents (TOC) correctly. Successful exploitation allow remote attackers to execute arbitrary code using sn NS ... oval:org.secpod.oval:def:50 The host is installed with Winamp 5.6 or earlier version and is prone to multiple integer overflow vulnerabilities. The flaws are present in in_midi plugin, which fails to handle invalid MIDI files. Successful exploitation allow remote attackers to trigger an integer overflow condition. |
