CVE-2010-2586

2010-12-0216:00:00

flexera

www.cve.org

AI Score

7.5

Confidence

High

EPSS

0.109

Percentile

95.1%

JSON

Multiple integer overflows in in_nsv.dll in the in_nsv plugin in Winamp before 5.6 allow remote attackers to execute arbitrary code via a crafted Table of Contents (TOC) in a (1) NSV stream or (2) NSV file that triggers a heap-based buffer overflow.

References

forums.winamp.com/showthread.php?t=324322

forums.winamp.com/showthread.php?threadid=159785

secunia.com/advisories/42004

secunia.com/secunia_research/2010-127/

www.securityfocus.com/archive/1/514962/100/0/threaded

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12587