Published: 19/07/2005 Updated: 08/03/2011

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 935

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Buffer overflow in Winamp 5.03a, 5.09 and 5.091, and other versions prior to 5.094, allows remote malicious users to execute arbitrary code via an MP3 file with a long ID3v2 tag such as (1) ARTIST or (2) TITLE.

Vulnerable Product	Search on Vulmon	Subscribe to Product
nullsoft winamp 5.03a
nullsoft winamp 5.09
nullsoft winamp 5.091
nullsoft winamp

source: wwwsecurityfocuscom/bid/14276/info Winamp is susceptible to a buffer overflow vulnerability in its ID3v2 functionality This issue is due to a failure of the application to properly bounds check input data prior to copying it into a fixed size memory buffer This issue will facilitate remote exploitation as an attacker may distri ...

CWE-119 http://security.lss.hr/index.php?page=details&ID=LSS-2005-07-14 http://securitytracker.com/id?1014483 http://www.securityfocus.com/bid/14276 http://secunia.com/advisories/16077 http://www.winamp.com/player/version_history.php http://www.osvdb.org/17897 http://www.vupen.com/english/advisories/2005/1106 https://nvd.nist.gov https://www.exploit-db.com/exploits/25989/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2005-2310

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect