CVE-2013-4694
Winamp 5.63 - Stack Buffer Overflow
Descriptions
Stack-based buffer overflow in gen_jumpex.dll in Winamp before 5.64 Build 3418 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a package with a long Skin directory name. NOTE: a second buffer overflow involving a long GUI Search field to ml_local.dll was also reported. However, since it is only exploitable by the user of the application, this issue would not cross privilege boundaries unless Winamp is running under a highly restricted environment such as a kiosk.
WinAmp version 5.63 suffers from a stack-based buffer overflow vulnerability. On startup, the application loads the directories in %PROGRAMFILES%\WinAmp\Skins to determine which skins have been installed and to list them under the "Skins" menu item and in the Skins Browser. However, the application does not properly validate the length of the directory name before passing it as an argument to an lstrcpynW call in the library gen_jumpex.dll, which leads to a buffer overflow condition with possible code execution.
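The missing length check described above, as an added example that is not Winamp's code and not part of the advisory: a portable C model of the truncating copy that lstrcpynW performs, an assumed way its bound can go wrong, and a checked copy that rejects over-long directory names. The names `SKIN_NAME_CAP`, `model_lstrcpynW`, `list_skin_unsafe` and `skin_name_copy` are hypothetical, and the 260-character capacity is an assumption.

```c
#include <stdio.h>
#include <wchar.h>

#define SKIN_NAME_CAP 260 /* assumed buffer capacity in wchar_t units */

/* Portable model of lstrcpynW: copies at most max_chars - 1 characters and
   always null-terminates. max_chars counts characters, not bytes. */
wchar_t *model_lstrcpynW(wchar_t *dst, const wchar_t *src, int max_chars)
{
    int i;
    if (dst == NULL || src == NULL || max_chars <= 0)
        return NULL;
    for (i = 0; i < max_chars - 1 && src[i] != L'\0'; i++)
        dst[i] = src[i];
    dst[i] = L'\0';
    return dst;
}

/* Assumed shape of the defect (never called here): the bound is taken from
   the untrusted source, so it says nothing about the destination's size. */
void list_skin_unsafe(const wchar_t *dir_name)
{
    wchar_t name[SKIN_NAME_CAP];
    model_lstrcpynW(name, dir_name, (int)wcslen(dir_name) + 1);
}

/* Hardened form: measure the name against the destination capacity first and
   reject it instead of truncating. Returns the length copied, or -1. */
int skin_name_copy(wchar_t *dst, size_t dst_chars, const wchar_t *dir_name)
{
    size_t len = 0;
    if (dst == NULL || dir_name == NULL || dst_chars == 0)
        return -1;
    while (len < dst_chars && dir_name[len] != L'\0')
        len++;
    if (len >= dst_chars) { /* no room for the name plus its terminator */
        dst[0] = L'\0';
        return -1;
    }
    model_lstrcpynW(dst, dir_name, (int)dst_chars);
    return (int)len;
}

int main(void)
{
    wchar_t name[SKIN_NAME_CAP];
    printf("%d\n", skin_name_copy(name, SKIN_NAME_CAP, L"SampleSkin"));
    return 0;
}
```

Rejecting the entry, rather than silently truncating it, also keeps two long directory names from collapsing into the same listed skin.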
Timeline
- 2013-06-26 CVE Reserved
- 2013-07-01 CVE Published
- 2013-07-02 First Exploit
- 2024-06-02 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
References (13)
URL | Tag | Source |
---|---|---|
http://osvdb.org/94739 | Vdb Entry | |
http://osvdb.org/94740 | Vdb Entry | |
http://www.securitytracker.com/id/1030107 | Vdb Entry | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/85399 | Vdb Entry | |
URL | Date | SRC |
---|---|---|
http://forums.winamp.com/showthread.php?t=364291 | 2017-08-29 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Nullsoft | Winamp | <= 5.63 | - | Affected |
Nullsoft | Winamp | 0.20a | - | Affected |
Nullsoft | Winamp | 0.92 | - | Affected |
Nullsoft | Winamp | 1.006 | - | Affected |
Nullsoft | Winamp | 1.90 | - | Affected |
Nullsoft | Winamp | 2.0 | - | Affected |
Nullsoft | Winamp | 2.6 | - | Affected |
Nullsoft | Winamp | 2.9 | - | Affected |
Nullsoft | Winamp | 2.10 | - | Affected |
Nullsoft | Winamp | 2.91 | - | Affected |
Nullsoft | Winamp | 2.92 | - | Affected |
Nullsoft | Winamp | 2.95 | - | Affected |
Nullsoft | Winamp | 5.0 | - | Affected |
Nullsoft | Winamp | 5.01 | - | Affected |
Nullsoft | Winamp | 5.1 | surround | Affected |
Nullsoft | Winamp | 5.02 | - | Affected |
Nullsoft | Winamp | 5.2 | - | Affected |
Nullsoft | Winamp | 5.3 | - | Affected |
Nullsoft | Winamp | 5.03 | - | Affected |
Nullsoft | Winamp | 5.04 | - | Affected |
Nullsoft | Winamp | 5.05 | - | Affected |
Nullsoft | Winamp | 5.5 | - | Affected |
Nullsoft | Winamp | 5.06 | - | Affected |
Nullsoft | Winamp | 5.07 | - | Affected |
Nullsoft | Winamp | 5.08c | - | Affected |
Nullsoft | Winamp | 5.08d | - | Affected |
Nullsoft | Winamp | 5.08e | - | Affected |
Nullsoft | Winamp | 5.09 | - | Affected |
Nullsoft | Winamp | 5.11 | - | Affected |
Nullsoft | Winamp | 5.12 | - | Affected |
Nullsoft | Winamp | 5.13 | - | Affected |
Nullsoft | Winamp | 5.21 | - | Affected |
Nullsoft | Winamp | 5.22 | - | Affected |
Nullsoft | Winamp | 5.23 | - | Affected |
Nullsoft | Winamp | 5.24 | - | Affected |
Nullsoft | Winamp | 5.31 | - | Affected |
Nullsoft | Winamp | 5.32 | - | Affected |
Nullsoft | Winamp | 5.33 | - | Affected |
Nullsoft | Winamp | 5.34 | - | Affected |
Nullsoft | Winamp | 5.35 | - | Affected |
Nullsoft | Winamp | 5.36 | - | Affected |
Nullsoft | Winamp | 5.51 | - | Affected |
Nullsoft | Winamp | 5.51 | beta | Affected |
Nullsoft | Winamp | 5.52 | - | Affected |
Nullsoft | Winamp | 5.53 | - | Affected |
Nullsoft | Winamp | 5.54 | - | Affected |
Nullsoft | Winamp | 5.54 | beta | Affected |
Nullsoft | Winamp | 5.55 | - | Affected |
Nullsoft | Winamp | 5.55 | beta | Affected |
Nullsoft | Winamp | 5.56 | - | Affected |
Nullsoft | Winamp | 5.57 | - | Affected |
Nullsoft | Winamp | 5.58 | - | Affected |
Nullsoft | Winamp | 5.59 | beta | Affected |
Nullsoft | Winamp | 5.61 | - | Affected |
Nullsoft | Winamp | 5.091 | - | Affected |
Nullsoft | Winamp | 5.093 | - | Affected |
Nullsoft | Winamp | 5.094 | - | Affected |
Nullsoft | Winamp | 5.111 | - | Affected |
Nullsoft | Winamp | 5.112 | - | Affected |
Nullsoft | Winamp | 5.531 | - | Affected |
Nullsoft | Winamp | 5.541 | - | Affected |
Nullsoft | Winamp | 5.551 | - | Affected |
Nullsoft | Winamp | 5.552 | - | Affected |
Nullsoft | Winamp | 5.572 | - | Affected |
Nullsoft | Winamp | 5.581 | - | Affected |
Nullsoft | Winamp | 5.623 | - | Affected |