Multiple heap-based buffer overflows in AOL Nullsoft WinAmp prior to 5.31 allow user-assisted remote malicious users to execute arbitrary code via a crafted (1) ultravox-max-msg header to the Ultravox protocol handler or (2) unspecified Lyrics3 tags.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
nullsoft winamp 5.24 |
||
nullsoft winamp 5.3 |