CVE-2013-4694

Winamp <5.64 Build 3418 - Buffer Overflow

Title source: llm

Description

Stack-based buffer overflow in gen_jumpex.dll in Winamp before 5.64 Build 3418 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a package with a long Skin directory name. NOTE: a second buffer overflow involving a long GUI Search field to ml_local.dll was also reported. However, since it is only exploitable by the user of the application, this issue would not cross privilege boundaries unless Winamp is running under a highly restricted environment such as a kiosk.

Exploits (2)

exploitdb · WORKING POC · VERIFIED
by Ayman Sagy · python · local · windows
https://www.exploit-db.com/exploits/27874
exploitdb · WRITEUP · VERIFIED
by Julien Ahrens · text · dos · windows
https://www.exploit-db.com/exploits/26558

References (11)

Core References
Exploit mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2013/Jul/4
Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/26558
Patch, Vendor Advisory x_refsource_confirm
http://forums.winamp.com/showthread.php?t=364291
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/94739
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/85399
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/94740
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1030107
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/60883

Scores

EPSS 0.4070
EPSS Percentile 97.4%

Details

CWE CWE-119
Status published
Products (47)
nullsoft/winamp 0.20a
nullsoft/winamp 0.92
nullsoft/winamp 1.006
nullsoft/winamp 1.90
nullsoft/winamp 2.0
nullsoft/winamp 2.6
nullsoft/winamp 2.9
nullsoft/winamp 2.10
nullsoft/winamp 2.91
nullsoft/winamp 2.92
... and 37 more
Published Apr 16, 2014
Tracked Since Feb 18, 2026