N/A

Stack-based buffer overflow in gen_jumpex.dll in Winamp before 5.64 Build 3418 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a package with a long Skin directory name. NOTE: a second buffer overflow involving a long GUI Search field to ml_local.dll was also reported. However, since it is only exploitable by the user of the application, this issue would not cross privilege boundaries unless Winamp is running under a highly restricted environment such as a kiosk.

N/A

N/A

Nullsoft Winamp 多个基于栈的缓冲区溢出漏洞

Nullsoft Winamp是美国Nullsoft公司开发的一套免费的媒体播放器软件，现为美国在线（AOL）旗下产品之一。该软件支持多种媒体格式、皮肤更换和插件扩展等，同时也具备最基本的播放列表和媒体库功能。 Winamp 5.63及之前版本的gen_jumpex.dll文件中存在基于栈的缓冲区溢出漏洞。远程攻击者可借助带有长Skin目录名称的数据包利用该漏洞造成拒绝服务（崩溃），也可能执行任意代码。

N/A

N/A