Info

Disclosure

Nov 30, 2010

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Nov 27, 2010

Description

Winamp is prone to an overflow condition. An integer overflow error in 'in_nsv.dll' when parsing the NSV Table of Contents data can result in a heap-based buffer overflow. With a specially crafted stream or file, a context-dependent attacker can potentially execute arbitrary code.

Classification

Location: Context Dependent
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Upgrade
Exploit: Exploit Private
Disclosure: RBS Confirmed, Vendor Verified, Coordinated Disclosure

Solution

Upgrade to version 5.6 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

NullSoft	WinAmp	5.581
		5.59 Beta Build 3033

References

CVE ID: 2010-2586 (see also: NVD)
Secunia Advisory ID: 42004
Related OSVDB ID: 69535
Vendor Specific News/Changelog Entry: http://forums.winamp.com/showthread.php?t=324322
http://forums.winamp.com/showthread.php?threadid=159785
Other Advisory URL: http://secunia.com/secunia_research/2010-127/
News Article: http://www.theregister.co.uk/2010/12/01/winamp_security_update
Vendor URL: http://www.winamp.com/

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/69534

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

NullSoft

WinAmp

References

Credit