CVE-2011-3834
Winamp AVI Processing Two Integer Overflows
Public Exploits: 0
Exploited in Wild: -
Descriptions
Multiple integer overflows in the in_avi.dll plugin in Winamp before 5.623 allow remote attackers to execute arbitrary code via an AVI file with a crafted value for (1) the number of streams or (2) the size of the RIFF INFO chunk, leading to a heap-based buffer overflow.
Secunia Research has discovered two vulnerabilities in Winamp version 5.622, which can be exploited by malicious people to compromise a user's system. An integer overflow error in the in_avi.dll plugin when allocating memory using the number of streams header value can be exploited to cause a heap-based buffer overflow via a specially crafted AVI file. An integer overflow error in the in_avi.dll plugin when allocating memory using the RIFF INFO chunk's size value can be exploited to cause a heap-based buffer overflow via a specially crafted AVI file.
SSVC
- Decision:-
Timeline
- 2011-09-26 CVE Reserved
- 2011-12-12 CVE Published
- 2024-08-06 CVE Updated
- 2025-03-30 EPSS Updated
CWE
- CWE-189: Numeric Errors
References (4)
URL | Tag | Source |
---|---|---|
http://forums.winamp.com/showthread.php?t=332010 | X_refsource_confirm | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14981 | Signature | |

URL | Date | SRC |
---|---|---|
http://secunia.com/advisories/46882 | 2017-09-19 | |
http://secunia.com/secunia_research/2011-81 | 2017-09-19 | |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Nullsoft | Winamp | <= 5.622 | - | Affected |
Nullsoft | Winamp | 0.20a | - | Affected |
Nullsoft | Winamp | 0.92 | - | Affected |
Nullsoft | Winamp | 1.006 | - | Affected |
Nullsoft | Winamp | 1.90 | - | Affected |
Nullsoft | Winamp | 2.0 | - | Affected |
Nullsoft | Winamp | 2.6 | - | Affected |
Nullsoft | Winamp | 2.9 | - | Affected |
Nullsoft | Winamp | 2.10 | - | Affected |
Nullsoft | Winamp | 2.91 | - | Affected |
Nullsoft | Winamp | 2.92 | - | Affected |
Nullsoft | Winamp | 2.95 | - | Affected |
Nullsoft | Winamp | 5.0 | - | Affected |
Nullsoft | Winamp | 5.01 | - | Affected |
Nullsoft | Winamp | 5.1 | surround | Affected |
Nullsoft | Winamp | 5.02 | - | Affected |
Nullsoft | Winamp | 5.2 | - | Affected |
Nullsoft | Winamp | 5.3 | - | Affected |
Nullsoft | Winamp | 5.03 | - | Affected |
Nullsoft | Winamp | 5.04 | - | Affected |
Nullsoft | Winamp | 5.05 | - | Affected |
Nullsoft | Winamp | 5.5 | - | Affected |
Nullsoft | Winamp | 5.6 | - | Affected |
Nullsoft | Winamp | 5.06 | - | Affected |
Nullsoft | Winamp | 5.07 | - | Affected |
Nullsoft | Winamp | 5.08c | - | Affected |
Nullsoft | Winamp | 5.08d | - | Affected |
Nullsoft | Winamp | 5.08e | - | Affected |
Nullsoft | Winamp | 5.09 | - | Affected |
Nullsoft | Winamp | 5.11 | - | Affected |
Nullsoft | Winamp | 5.12 | - | Affected |
Nullsoft | Winamp | 5.13 | - | Affected |
Nullsoft | Winamp | 5.21 | - | Affected |
Nullsoft | Winamp | 5.22 | - | Affected |
Nullsoft | Winamp | 5.23 | - | Affected |
Nullsoft | Winamp | 5.24 | - | Affected |
Nullsoft | Winamp | 5.31 | - | Affected |
Nullsoft | Winamp | 5.32 | - | Affected |
Nullsoft | Winamp | 5.33 | - | Affected |
Nullsoft | Winamp | 5.34 | - | Affected |
Nullsoft | Winamp | 5.35 | - | Affected |
Nullsoft | Winamp | 5.51 | - | Affected |
Nullsoft | Winamp | 5.52 | - | Affected |
Nullsoft | Winamp | 5.53 | - | Affected |
Nullsoft | Winamp | 5.54 | - | Affected |
Nullsoft | Winamp | 5.55 | - | Affected |
Nullsoft | Winamp | 5.56 | - | Affected |
Nullsoft | Winamp | 5.57 | - | Affected |
Nullsoft | Winamp | 5.58 | - | Affected |
Nullsoft | Winamp | 5.091 | - | Affected |
Nullsoft | Winamp | 5.093 | - | Affected |
Nullsoft | Winamp | 5.094 | - | Affected |
Nullsoft | Winamp | 5.111 | - | Affected |
Nullsoft | Winamp | 5.112 | - | Affected |
Nullsoft | Winamp | 5.531 | - | Affected |
Nullsoft | Winamp | 5.541 | - | Affected |
Nullsoft | Winamp | 5.551 | - | Affected |
Nullsoft | Winamp | 5.552 | - | Affected |
Nullsoft | Winamp | 5.572 | - | Affected |
Nullsoft | Winamp | 5.581 | - | Affected |