Lucene search

K

Kaspersky LabKLA10019

HistoryMay 23, 2014 - 12:00 a.m.

KLA10019 DoS vulnerability in Winamp

2014-05-2300:00:00

Kaspersky Lab

threats.kaspersky.com

28

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

6.6

Confidence

High

EPSS

0.021

Percentile

89.1%

An unspecified vulnerability was found in Winamp. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited from the network at a point related to Winamp F263 Decoder Service via a malformed .FLV file.

Original advisories

Related products

CVE list

CVE-2014-3442 warning

Solution

Update to latest version

Impacts

DoS

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

Affected Products

Winamp versions 5.666 and earlier.

References

web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3442

statistics.securelist.com/

threats.kaspersky.com/en/product/Winamp/

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

6.6

Confidence

High

EPSS

0.021

Percentile

89.1%

Related for KLA10019

cve1 cvelist1 nvd1 prion1 packetstorm1 exploitdb1 openvas1