CVE-2010-3137

Nullsoft Winamp 5.581 - RCE

Title source: llm

Description

Untrusted search path vulnerability in Nullsoft Winamp 5.581, and probably other versions, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wnaspi32.dll that is located in the same folder as a .669, .aac, .aiff, .amf, .au, .avr, .b4s, .caf or .cda file.

Exploits (1)

exploitdb WORKING POC VERIFIED

by LiquidWorm · clocalwindows

https://www.exploit-db.com/exploits/14789

View Code ZIP pw:eip

References (4)

[Various Sources] http://www.cs.ucdavis.edu/research/tech-reports/2010/CSE-2010-2.pdf

[Exploit] http://www.exploit-db.com/exploits/14789

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6874

[Third Party Advisory] http://secunia.com/advisories/41093

Scores

EPSS 0.0420

EPSS Percentile 88.8%

Details

Status published

Products (1)

nullsoft/winamp 5.581

Published Aug 26, 2010

Tracked Since Feb 18, 2026