Lucene search
MitreCVE-2009-0263HistoryJan 23, 2009 - 7:00 p.m.
CVE-2009-0263
2009-01-2319:00:05
CWE-119
mitre
web.nvd.nist.gov
25
4
buffer overflow
winamp
cve-2009-0263
denial of service
remote code execution
nvd
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
8
Confidence
High
EPSS
0.906
Percentile
98.9%
Multiple buffer overflows in Winamp 5.541 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a large Common Chunk (COMM) header value in an AIFF file and (2) a large invalid value in an MP3 file.
Affected configurations
Node
nullsoftwinampRange≤5.541
ORnullsoftwinampMatch2.0
ORnullsoftwinampMatch2.4
ORnullsoftwinampMatch2.5e
ORnullsoftwinampMatch2.6x
ORnullsoftwinampMatch2.7x
ORnullsoftwinampMatch2.10
ORnullsoftwinampMatch2.24
ORnullsoftwinampMatch2.50
ORnullsoftwinampMatch2.60
ORnullsoftwinampMatch2.60full
ORnullsoftwinampMatch2.60lite
ORnullsoftwinampMatch2.61
ORnullsoftwinampMatch2.61full
ORnullsoftwinampMatch2.62
ORnullsoftwinampMatch2.62standard
ORnullsoftwinampMatch2.64
ORnullsoftwinampMatch2.64standard
ORnullsoftwinampMatch2.65
ORnullsoftwinampMatch2.70
ORnullsoftwinampMatch2.70full
ORnullsoftwinampMatch2.71
ORnullsoftwinampMatch2.72
ORnullsoftwinampMatch2.73
ORnullsoftwinampMatch2.73full
ORnullsoftwinampMatch2.74
ORnullsoftwinampMatch2.75
ORnullsoftwinampMatch2.76
ORnullsoftwinampMatch2.77
ORnullsoftwinampMatch2.78
ORnullsoftwinampMatch2.79
ORnullsoftwinampMatch2.80
ORnullsoftwinampMatch2.81
ORnullsoftwinampMatch2.90
ORnullsoftwinampMatch2.91
ORnullsoftwinampMatch2.95
ORnullsoftwinampMatch3.0
ORnullsoftwinampMatch3.1
ORnullsoftwinampMatch5.0
ORnullsoftwinampMatch5.0.1
ORnullsoftwinampMatch5.0.2
ORnullsoftwinampMatch5.01
ORnullsoftwinampMatch5.1
ORnullsoftwinampMatch5.02
ORnullsoftwinampMatch5.2
ORnullsoftwinampMatch5.3
ORnullsoftwinampMatch5.03
ORnullsoftwinampMatch5.03a
ORnullsoftwinampMatch5.04
ORnullsoftwinampMatch5.05
ORnullsoftwinampMatch5.5
ORnullsoftwinampMatch5.06
ORnullsoftwinampMatch5.07
ORnullsoftwinampMatch5.08
ORnullsoftwinampMatch5.08c
ORnullsoftwinampMatch5.08d
ORnullsoftwinampMatch5.08e
ORnullsoftwinampMatch5.08c
ORnullsoftwinampMatch5.08d
ORnullsoftwinampMatch5.08e
ORnullsoftwinampMatch5.09
ORnullsoftwinampMatch5.11
ORnullsoftwinampMatch5.12
ORnullsoftwinampMatch5.13
ORnullsoftwinampMatch5.21
ORnullsoftwinampMatch5.22
ORnullsoftwinampMatch5.23
ORnullsoftwinampMatch5.24
ORnullsoftwinampMatch5.31
ORnullsoftwinampMatch5.32
ORnullsoftwinampMatch5.33
ORnullsoftwinampMatch5.34
ORnullsoftwinampMatch5.35
ORnullsoftwinampMatch5.36
ORnullsoftwinampMatch5.51
ORnullsoftwinampMatch5.52
ORnullsoftwinampMatch5.53
ORnullsoftwinampMatch5.54
ORnullsoftwinampMatch5.091
ORnullsoftwinampMatch5.093
ORnullsoftwinampMatch5.094
ORnullsoftwinampMatch5.111
ORnullsoftwinampMatch5.112
| Vendor | Product | Version | CPE |
|---|---|---|---|
| nullsoft | winamp | * | cpe:2.3:a:nullsoft:winamp:*:*:*:*:*:*:*:* |
| nullsoft | winamp | 2.0 | cpe:2.3:a:nullsoft:winamp:2.0:*:*:*:*:*:*:* |
| nullsoft | winamp | 2.4 | cpe:2.3:a:nullsoft:winamp:2.4:*:*:*:*:*:*:* |
| nullsoft | winamp | 2.5e | cpe:2.3:a:nullsoft:winamp:2.5e:*:*:*:*:*:*:* |
| nullsoft | winamp | 2.6x | cpe:2.3:a:nullsoft:winamp:2.6x:*:*:*:*:*:*:* |
| nullsoft | winamp | 2.7x | cpe:2.3:a:nullsoft:winamp:2.7x:*:*:*:*:*:*:* |
| nullsoft | winamp | 2.10 | cpe:2.3:a:nullsoft:winamp:2.10:*:*:*:*:*:*:* |
| nullsoft | winamp | 2.24 | cpe:2.3:a:nullsoft:winamp:2.24:*:*:*:*:*:*:* |
| nullsoft | winamp | 2.50 | cpe:2.3:a:nullsoft:winamp:2.50:*:*:*:*:*:*:* |
| nullsoft | winamp | 2.60 | cpe:2.3:a:nullsoft:winamp:2.60:*:*:*:*:*:*:* |
References
Social References
More
Related
openvas
openvas
Winamp AIFF File Multiple Buffer Overflow Vulnerabilities
2009-01-29 00:00:00
Winamp AIFF File Multiple Buffer Overflow Vulnerabilities
2009-01-29 00:00:00
exploitdb
exploitdb
nessus
nessus
Winamp < 5.55 AIFF File Handling Overflow
2009-03-07 00:00:00
prion
prion
Buffer overflow
2009-01-23 19:00:00
cvelist
cvelist
CVE-2009-0263
2009-01-23 18:38:00
checkpoint_advisories
checkpoint_advisories
Nullsoft Winamp AIFF Parsing Heap Buffer Overflow (CVE-2009-0263)
2009-10-06 00:00:00
nvd
nvd
CVE-2009-0263
2009-01-23 19:00:05
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
8
Confidence
High
EPSS
0.906
Percentile
98.9%
Related for CVE-2009-0263