CVE-2010-2586
published 2010-12-02CVE-2010-2586: Multiple integer overflows in in_nsv.dll in the in_nsv plugin in Winamp before 5.6 allow remote attackers to execute arbitrary code via a crafted Table of…
PriorityP342critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
5.54%
91.9th percentile
Multiple integer overflows in in_nsv.dll in the in_nsv plugin in Winamp before 5.6 allow remote attackers to execute arbitrary code via a crafted Table of Contents (TOC) in a (1) NSV stream or (2) NSV file that triggers a heap-based buffer overflow.
Affected
57 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| nullsoft | winamp | <= 5.581 | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-xrqw-4q5c-x35c: Integer overflow in the in_nsv plugin in Winamp before 5
ghsa_unreviewed·2022-05-17·CVSS 9.3
CVE-2010-4372 [CRITICAL] GHSA-xrqw-4q5c-x35c: Integer overflow in the in_nsv plugin in Winamp before 5
Integer overflow in the in_nsv plugin in Winamp before 5.6 allows remote attackers to have an unspecified impact via vectors related to improper allocation of memory for NSV metadata, a different vulnerability than CVE-2010-2586.
GHSA
GHSA-q6xw-8r38-j7rr: Multiple integer overflows in in_nsv
ghsa_unreviewed·2022-05-14
CVE-2010-2586 [HIGH] GHSA-q6xw-8r38-j7rr: Multiple integer overflows in in_nsv
Multiple integer overflows in in_nsv.dll in the in_nsv plugin in Winamp before 5.6 allow remote attackers to execute arbitrary code via a crafted Table of Contents (TOC) in a (1) NSV stream or (2) NSV file that triggers a heap-based buffer overflow.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://forums.winamp.com/showthread.php?t=324322http://forums.winamp.com/showthread.php?threadid=159785http://secunia.com/advisories/42004http://secunia.com/secunia_research/2010-127/http://www.securityfocus.com/archive/1/514962/100/0/threadedhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12587http://forums.winamp.com/showthread.php?t=324322http://forums.winamp.com/showthread.php?threadid=159785http://secunia.com/advisories/42004http://secunia.com/secunia_research/2010-127/http://www.securityfocus.com/archive/1/514962/100/0/threadedhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12587
2010-12-02
Published