Winamp 5.x 多个整数溢出漏洞

BUGTRAQ ID: 51015 CVE ID: CVE-2011-3834,CVE-2011-4857 Winamp是流行的通用音乐播放器。 Winamp在实现上存在多个整数溢出漏洞，攻击者可利用这些漏洞执行任意代码。 1）当使用流标头分配内存时，inavi.dll插件中的整数溢出错误可通过特制的AVI文件导致堆缓冲区溢出。 2）在使用RIFF INFO块尺寸值分配内存时，inavi.dll插件中的整数溢出错误可通过特制的AVI文件导致堆缓冲区溢出。 0 Nullsoft Winamp 5.x 厂商补丁： Nullsoft --------...

Winamp AVI And IT Files Parsing Buffer Overflow Vulnerabilities

This host is installed with Winamp and is prone to buffer overflow vulnerabilities. OpenVAS Vulnerability Test $Id: secpodwinampavianditfilebofvuln.nasl 7044 2017-09-01 11:50:59Z teissa $ Winamp AVI And IT Files Parsing Buffer Overflow Vulnerabilities Authors: Rachana Shetty Copyright: Copyright ...

Winamp 5.622多个远程安全漏洞

BUGTRAQ ID: 50387 Winamp是流行的通用音乐播放器。 Winamp 5.622在实现上存在多个远程漏洞，远程攻击者可利用这些漏洞执行任意代码或造成拒绝服务。 1在处理Creative Music Format CMF标头中的"iOffsetMusic"值时，inmidi.dll插件中存在错误，可被利用通过特制的MIDI文件造成堆缓冲区溢出。 2）在处理Advanced Module Format AMF标头中的"channels"值时，inmod.dl插件中存在错误，可被利用通过特制的".amf"文件造成堆缓冲区溢出。 3）在处理Nullsoft Streaming...

Winamp 5.6存在多个安全漏洞

Bugtraq ID: 48457 Winamp是一款流行的媒体播放器。 Winamp存在多个安全漏洞，允许攻击者执行任意代码或使应用程序崩溃。 -当解析On2 TrueMotion VP6 codec编码的媒体文件时vp6.w5s存在错误，如果构建的FLV媒体文件中"version"字段超过8，可触发内存破坏。 -解析H263视频内容中"CustomWidth"和"CustomHeight"字段时存在错误，构建特制FLV文件可触发内存破坏。 -解压缩帧时nsvdecvp5.dll存在错误，构建特制的NSV文件可触发基于堆的缓冲区溢出。...

Nullsoft Winamp MIDI Timestamp Stack Buffer Overflow (CVE-2010-4370)

Winamp is a popular multimedia player, produced by Nullsoft, which is capable of playing many formats of audio and video files. Winamp can play CD tracks, MP3 music files or MPEG video files, as well as numerous other formats. Among the audio files supported by Winamp are MIDI files and MUS files...

Winamp Insecure Library Loading Vulnerability

This host is installed with Winamp and is prone to insecure library loading vulnerability. OpenVAS Vulnerability Test $Id: gbwinampinsecurelibloadvuln.nasl 5388 2017-02-21 15:13:30Z teissa $ Winamp Insecure Library Loading Vulnerability Authors: Madhuri D Copyright: Copyright c 2010 Greenbone...

CVE-2010-3137

Untrusted search path vulnerability in Nullsoft Winamp 5.581, and probably other versions, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wnaspi32.dll that is located in the same folder as a .669, .aac, .aiff, .amf...

Design/Logic Flaw

Untrusted search path vulnerability in Nullsoft Winamp 5.581, and probably other versions, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wnaspi32.dll that is located in the same folder as a .669, .aac, .aiff, .amf...

CVE-2010-3137

Untrusted search path vulnerability in Nullsoft Winamp 5.581, and probably other versions, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wnaspi32.dll that is located in the same folder as a .669, .aac, .aiff, .amf...

CVE-2010-3137

CVE-2010-3137 targets Winamp 5.581 (and potentially other versions) via an untrusted search path: a Trojan wnaspi32.dll placed in the same folder as specific media files (.669, .aac, .aiff, .amf, .au, .avr, .b4s, .caf, .cda) can enable DLL hijacking and arbitrary code execution. The connected Ope...

Nullsoft Winamp 5.581 DLL Hijacking Exploit

/ Nullsoft Winamp 5.581 wnaspi32.dll DLL Hijacking Exploit Vendor: Nullsoft. Product Web Page: http://www.winamp.com Affected Version: 5.581 x86 Summary: Winamp is a media player for Windows-based PCs, written by Nullsoft, now a subsidiary of AOL. It is proprietary freeware/shareware, multi-forma...

Nullsoft Winamp 5.581 (wnaspi32.dll) DLL Hijacking Exploit

Summary Winamp is a media player for Windows-based PCs, written by Nullsoft, now a subsidiary of AOL. It is proprietary freeware/shareware, multi-format, extensible with plug-ins and skins, and is noted for its graphical sound visualization, playlist, and media library features. Description Winam...

NullSoft Winamp 5.581 - wnaspi32.dll DLL Hijacking

NullSoft Winamp 5.581 - wnaspi32.dll DLL Hijacking / Nullsoft Winamp 5.581 wnaspi32.dll DLL Hijacking Exploit Vendor: Nullsoft. Product Web Page: http://www.winamp.com Affected Version: 5.581 x86 Summary: Winamp is a media player for Windows-based PCs, written by Nullsoft, now a subsidiary of AOL...

NullSoft Winamp 5.581 - 'wnaspi32.dll' DLL Hijacking

/ Nullsoft Winamp 5.581 wnaspi32.dll DLL Hijacking Exploit Vendor: Nullsoft. Product Web Page: http://www.winamp.com Affected Version: 5.581 x86 Summary: Winamp is a media player for Windows-based PCs, written by Nullsoft, now a subsidiary of AOL. It is proprietary freeware/shareware, multi-forma...

Nullsoft Winamp 5.581 DLL Hijacking Exploit (wnaspi32.dll)

Exploit for windows platform in category local exploits ========================================================== Nullsoft Winamp 5.581 DLL Hijacking Exploit wnaspi32.dll ========================================================== / Nullsoft Winamp 5.581 wnaspi32.dll DLL Hijacking Exploit Vendor:...

VUPEN Security Research - Winamp Player FLV Data Processing Multiple Overflow Vulnerabilities

VUPEN Security Research - Winamp Player FLV Data Processing Multiple Overflow Vulnerabilities http://www.vupen.com/english/research.php I. BACKGROUND --------------------- "Winamp is a proprietary media player for Windows-based PCs, written by Nullsoft, now a subsidiary of AOL. It is...

Winamp VP6内容解析栈溢出漏洞

BUGTRAQ ID: 41591 Winamp是一款流行的媒体播放器，支持多种文件格式。 Winamp的vp6.w5s组件在解析畸形的Flash Video数据时存在栈溢出漏洞，用户受骗打开了特制的FLV文件就会导致执行任意代码。 Nullsoft Winamp 5.x 厂商补丁： Nullsoft -------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.winamp.com/help/VersionHistoryWinamp5.58...

Winamp v5.571 Malicious AVI Denial of Service

No description provided by source. Tested on Windows 7 and Winamp v5.571x86 This bug is informed to Nullsoft and was fixed long back. The status can be found at http://forums.winamp.com/showthread.php?s=&threadid=316000 This code works on Python 3.0. To make it work on 3.0 remove braces in print...

Winamp v5.571 Malicious AVI Denial of Service

Exploit for windows platform in category dos / poc ============================================= Winamp v5.571 Malicious AVI Denial of Service ============================================= Tested on Windows 7 and Winamp v5.571x86 This bug is informed to Nullsoft and was fixed long back. The statu...

Winamp 5.571 - .avi Denial of Service

Winamp 5.571 - .avi Denial of Service Tested on Windows 7 and Winamp v5.571x86 This bug is informed to Nullsoft and was fixed long back. The status can be found at http://forums.winamp.com/showthread.php?s=&threadid=316000 This code works on Python 3.0. To make it work on 3.0 remove braces in pri...