Tenable5689.PRMWinamp < 5.59 Build 3033 Multiple Vulnerabilities
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
80.6%
The remote host is running Winamp, a media player for Windows.
Versions of Winamp earlier than 5.59 build 3033 are potentially affected by multiple vulnerabilities :
-
Winamp loads libraries in an insecure manner. (CVE-2010-3137)
-
An integer overflow vulnerability exists in the ‘in_mkv.dll’ plugin when parsing MKV content.
-
A heap-based buffer overflow vulnerability exists in the ‘in_midi.dll’ plugin when parsing MIDI content.
-
A stack-based buffer overflow vulnerability exists in the ‘in_mod.dll’ plugin when parsing Multitracker Module files.
-
A heap-based buffer overflow vulnerability exists in the ‘in_nsv.dll’ plugin when parsing NSV content.
-
A heap-based buffer overflow vulnerability exists when parsing VP6 video content.
Binary data 5689.prmRelated
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
80.6%