CVE-2010-4371

Nullsoft Winamp < 5.581 - Memory Corruption

Title source: rule
STIX 2.1

Description

Buffer overflow in the in_mod plugin in Winamp before 5.6 allows remote attackers to have an unspecified impact via vectors related to the comment box.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Mighty-D & 7eK · pythonlocalwindows
https://www.exploit-db.com/exploits/15312
exploitdb WORKING POC VERIFIED
by Mighty-D · pythonlocalwindows
https://www.exploit-db.com/exploits/15287
exploitdb WRITEUP VERIFIED
by Luigi Auriemma · textdoswindows
https://www.exploit-db.com/exploits/15248

References (3)

Core 3
Core References
Various Sources x_refsource_confirm
http://forums.winamp.com/showthread.php?threadid=159785
Various Sources x_refsource_confirm
http://forums.winamp.com/showthread.php?t=324322
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12309

Scores

EPSS 0.0634
EPSS Percentile 91.0%

Details

CWE
CWE-119
Status published
Products (50)
nullsoft/winamp 0.20a
nullsoft/winamp 0.92
nullsoft/winamp 1.006
nullsoft/winamp 1.90
nullsoft/winamp 2.0
nullsoft/winamp 2.6
nullsoft/winamp 2.9
nullsoft/winamp 2.10
nullsoft/winamp 2.91
nullsoft/winamp 2.92
... and 40 more
Published Dec 02, 2010
Tracked Since Feb 18, 2026