CVE-2010-2586

Multiple integer overflows in in_nsv.dll in the in_nsv plugin in Winamp before 5.6 allow remote attackers to execute arbitrary code via a crafted Table of Contents (TOC) in a (1) NSV stream or (2) NSV file that triggers a heap-based buffer overflow.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
flexeraCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 92%
VendorProductVersion
nullsoftwinamp
𝑥
≤ 5.581
nullsoftwinamp
0.20a:a
nullsoftwinamp
0.92
nullsoftwinamp
1.006
nullsoftwinamp
1.90
nullsoftwinamp
2.0
nullsoftwinamp
2.6
nullsoftwinamp
2.9
nullsoftwinamp
2.10
nullsoftwinamp
2.91
nullsoftwinamp
2.92
nullsoftwinamp
2.95
nullsoftwinamp
5.0
nullsoftwinamp
5.01
nullsoftwinamp
5.1
nullsoftwinamp
5.02
nullsoftwinamp
5.2
nullsoftwinamp
5.3
nullsoftwinamp
5.03
nullsoftwinamp
5.04
nullsoftwinamp
5.05
nullsoftwinamp
5.5
nullsoftwinamp
5.06
nullsoftwinamp
5.07
nullsoftwinamp
5.08c:c
nullsoftwinamp
5.08d:d
nullsoftwinamp
5.08e:e
nullsoftwinamp
5.09
nullsoftwinamp
5.11
nullsoftwinamp
5.12
nullsoftwinamp
5.13
nullsoftwinamp
5.21
nullsoftwinamp
5.22
nullsoftwinamp
5.23
nullsoftwinamp
5.24
nullsoftwinamp
5.31
nullsoftwinamp
5.32
nullsoftwinamp
5.33
nullsoftwinamp
5.34
nullsoftwinamp
5.35
nullsoftwinamp
5.51
nullsoftwinamp
5.52
nullsoftwinamp
5.53
nullsoftwinamp
5.54
nullsoftwinamp
5.55
nullsoftwinamp
5.56
nullsoftwinamp
5.58
nullsoftwinamp
5.091
nullsoftwinamp
5.093
nullsoftwinamp
5.094
nullsoftwinamp
5.111
nullsoftwinamp
5.112
nullsoftwinamp
5.531
nullsoftwinamp
5.541
nullsoftwinamp
5.551
nullsoftwinamp
5.552
nullsoftwinamp
5.572
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://forums.winamp.com/showthread.php?t=324322
http://forums.winamp.com/showthread.php?threadid=159785
http://secunia.com/advisories/42004
http://secunia.com/secunia_research/2010-127/
http://www.securityfocus.com/archive/1/514962/100/0/threaded
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12587
http://forums.winamp.com/showthread.php?t=324322
http://forums.winamp.com/showthread.php?threadid=159785
http://secunia.com/advisories/42004
http://secunia.com/secunia_research/2010-127/
http://www.securityfocus.com/archive/1/514962/100/0/threaded
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12587