CVE-2001-0490

Nullsoft Winamp 2.6x-2.7x - Buffer Overflow via AIP File

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2001-0490. PoCs published by byterage.

AI-analyzed exploit summary This exploit demonstrates a buffer overflow in Winamp 2.6x/2.7x via a maliciously crafted Audiosoft parameter file (*.AIP). It overwrites the stack to redirect execution to shellcode that displays a message box and terminates the process.

Description

Buffer overflow in WINAMP 2.6x and 2.7x allows attackers to execute arbitrary code via a long string in an AIP file.

Exploits (1)

exploitdb WORKING POC VERIFIED

by byterage · cremotewindows

https://www.exploit-db.com/exploits/20820

View Code ZIP pw:eip

This exploit demonstrates a buffer overflow in Winamp 2.6x/2.7x via a maliciously crafted Audiosoft parameter file (*.AIP). It overwrites the stack to redirect execution to shellcode that displays a message box and terminates the process.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Winamp 2.6x/2.7x with WMAUDSDK.DLL v4.00.0000.3845

No auth needed

Prerequisites: Victim must open the malicious *.AIP file in Winamp

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Patch, Vendor Advisory mailing-list x_refsource_bugtraq

http://archives.neohapsis.com/archives/bugtraq/2001-04/0518.html

Scores

EPSS 0.0354

EPSS Percentile 87.8%

Details

Status published

Products (2)

nullsoft/winamp 2.6x

nullsoft/winamp 2.7x

Published Jun 27, 2001

Tracked Since Feb 18, 2026