Multiple heap-based buffer overflows in bmp.w5s in Winamp prior to 5.63 build 3235 allow remote malicious users to execute arbitrary code via the (1) strf chunk in BI_RGB or (2) UYVY video data in an AVI file, or (3) decompressed TechSmith Screen Capture Codec (TSCC) data in an AVI file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
nullsoft winamp |