CVE-2011-3834

Multiple integer overflows in the in_avi.dll plugin in Winamp before 5.623 allow remote attackers to execute arbitrary code via an AVI file with a crafted value for (1) the number of streams or (2) the size of the RIFF INFO chunk, leading to a heap-based buffer overflow.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
flexeraCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 91%
VendorProductVersion
nullsoftwinamp
𝑥
≤ 5.622
nullsoftwinamp
0.20a:a
nullsoftwinamp
0.92
nullsoftwinamp
1.006
nullsoftwinamp
1.90
nullsoftwinamp
2.0
nullsoftwinamp
2.6
nullsoftwinamp
2.9
nullsoftwinamp
2.10
nullsoftwinamp
2.91
nullsoftwinamp
2.92
nullsoftwinamp
2.95
nullsoftwinamp
5.0
nullsoftwinamp
5.01
nullsoftwinamp
5.1
nullsoftwinamp
5.02
nullsoftwinamp
5.2
nullsoftwinamp
5.3
nullsoftwinamp
5.03
nullsoftwinamp
5.04
nullsoftwinamp
5.05
nullsoftwinamp
5.5
nullsoftwinamp
5.6
nullsoftwinamp
5.06
nullsoftwinamp
5.07
nullsoftwinamp
5.08c:c
nullsoftwinamp
5.08d:d
nullsoftwinamp
5.08e:e
nullsoftwinamp
5.09
nullsoftwinamp
5.11
nullsoftwinamp
5.12
nullsoftwinamp
5.13
nullsoftwinamp
5.21
nullsoftwinamp
5.22
nullsoftwinamp
5.23
nullsoftwinamp
5.24
nullsoftwinamp
5.31
nullsoftwinamp
5.32
nullsoftwinamp
5.33
nullsoftwinamp
5.34
nullsoftwinamp
5.35
nullsoftwinamp
5.51
nullsoftwinamp
5.52
nullsoftwinamp
5.53
nullsoftwinamp
5.54
nullsoftwinamp
5.55
nullsoftwinamp
5.56
nullsoftwinamp
5.57
nullsoftwinamp
5.58
nullsoftwinamp
5.091
nullsoftwinamp
5.093
nullsoftwinamp
5.094
nullsoftwinamp
5.111
nullsoftwinamp
5.112
nullsoftwinamp
5.531
nullsoftwinamp
5.541
nullsoftwinamp
5.551
nullsoftwinamp
5.552
nullsoftwinamp
5.572
nullsoftwinamp
5.581
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://forums.winamp.com/showthread.php?t=332010
http://secunia.com/advisories/46882
http://secunia.com/secunia_research/2011-81/
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14981
http://forums.winamp.com/showthread.php?t=332010
http://secunia.com/advisories/46882
http://secunia.com/secunia_research/2011-81/
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14981