CVE-2014-3442

Winamp < 5.666 - Denial of Service via Malformed FLV File

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-3442. PoCs published by Aryan Bayaninejad.

AI-analyzed exploit summary This exploit triggers a memory corruption vulnerability in Winamp 5.666 by providing a malformed FLV file, leading to a denial-of-service (DoS) condition. The payload consists of a crafted binary structure designed to corrupt memory during parsing.

Description

Winamp 5.666 and earlier allows remote attackers to cause a denial of service (memory corruption and crash) via a malformed .FLV file, related to f263.w5s.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Aryan Bayaninejad · perldoswindows

https://www.exploit-db.com/exploits/39180

View Code ZIP pw:eip

This exploit triggers a memory corruption vulnerability in Winamp 5.666 by providing a malformed FLV file, leading to a denial-of-service (DoS) condition. The payload consists of a crafted binary structure designed to corrupt memory during parsing.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Moderate

Reliability

Reliable

Target: Winamp 5.666

No auth needed

Prerequisites: Victim must open the malformed FLV file in Winamp

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/93173

Exploit x_refsource_misc

http://packetstormsecurity.com/files/126636

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/67429

Scores

EPSS 0.1704

EPSS Percentile 95.2%

Details

CWE

CWE-119

Status published

Products (47)

nullsoft/winamp 5.0

nullsoft/winamp 5.01

nullsoft/winamp 5.02

nullsoft/winamp 5.2

nullsoft/winamp 5.3

nullsoft/winamp 5.03

nullsoft/winamp 5.04

nullsoft/winamp 5.05

nullsoft/winamp 5.5

nullsoft/winamp 5.06

... and 37 more

Published May 23, 2014

Tracked Since Feb 18, 2026