CVE-2014-3442

Nullsoft Winamp < 5.666 - Memory Corruption

Title source: rule

Description

Winamp 5.666 and earlier allows remote attackers to cause a denial of service (memory corruption and crash) via a malformed .FLV file, related to f263.w5s.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Aryan Bayaninejad · perldoswindows

https://www.exploit-db.com/exploits/39180

View Code ZIP pw:eip

References (3)

[Exploit] http://packetstormsecurity.com/files/126636

[Exploit] http://www.securityfocus.com/bid/67429

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/93173

Scores

EPSS 0.1704

EPSS Percentile 95.0%

Details

CWE

CWE-119

Status published

Products (47)

nullsoft/winamp 5.0

nullsoft/winamp 5.01

nullsoft/winamp 5.02

nullsoft/winamp 5.2

nullsoft/winamp 5.3

nullsoft/winamp 5.03

nullsoft/winamp 5.04

nullsoft/winamp 5.05

nullsoft/winamp 5.5

nullsoft/winamp 5.06

... and 37 more

Published May 23, 2014

Tracked Since Feb 18, 2026