Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2010-4371Improper Restriction of Operations within the Bounds of a Memory Buffer in Winamp

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer5 documents3 sources
Severity
9.3CRITICALNVD
EPSS
6.3%
top 8.99%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Nullsoft Winamp
Timeline
PublishedDec 2
Latest updateMay 17

Description

Buffer overflow in the in_mod plugin in Winamp before 5.6 allows remote attackers to have an unspecified impact via vectors related to the comment box.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

NVDnullsoft/winamp5.581+56

🔴Vulnerability Details

1
GHSA
GHSA-6368-3rvc-v3fc: Buffer overflow in the in_mod plugin in Winamp before 52022-05-17

💥Exploits & PoCs

3
Exploit-DB
Winamp 5.5.8.2985 (in_mod plugin) - Local Stack Overflow2010-10-25
Exploit-DB
Winamp 5.5.8 (in_mod plugin) - Local Stack Overflow2010-10-19
Exploit-DB
Winamp 5.5.8.2985 - Multiple Buffer Overflows2010-10-13