CVE-2007-1921 — Out-of-bounds Write in Winamp

2 documents2 sources

Severity

9.3CRITICALNVD

EPSS

15.1%

top 5.40%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Nullsoft Winamp

Timeline

PublishedApr 10

Latest updateMay 1

Description

LIBSNDFILE.DLL, as used by AOL Nullsoft Winamp 5.33 and possibly other products, allows remote attackers to execute arbitrary code via a crafted .MAT file that contains a value that is used as an offset, which triggers memory corruption.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

▶NVDnullsoft/winamp5.33

🔴Vulnerability Details

GHSA

GHSA-76j7-r765-rqgv: LIBSNDFILE↗2022-05-01

▶