CVE-2013-4694 (GCVE-0-2013-4694)

Vulnerability from cvelistv5 – Published: 2014-04-16 22:00 – Updated: 2024-08-06 16:52
VLAI?
Summary
Stack-based buffer overflow in gen_jumpex.dll in Winamp before 5.64 Build 3418 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a package with a long Skin directory name. NOTE: a second buffer overflow involving a long GUI Search field to ml_local.dll was also reported. However, since it is only exploitable by the user of the application, this issue would not cross privilege boundaries unless Winamp is running under a highly restricted environment such as a kiosk.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T16:52:27.127Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20130701 [CVE-2013-4694] WinAmp v5.63 gen_jumpex.dll and ml_local.dll Multiple Buffer Overflows",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2013/Jul/4"
          },
          {
            "name": "26558",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "http://www.exploit-db.com/exploits/26558"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://forums.winamp.com/showthread.php?t=364291"
          },
          {
            "name": "winamp-cve20134694-bo(85399)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85399"
          },
          {
            "name": "94739",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/94739"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/122239/WinAmp-5.63-Buffer-Overflow.html"
          },
          {
            "name": "94740",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/94740"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.rcesecurity.com/2013/07/winamp-v5-64-fixes-several-code-execution-vulnerabilities-cve-2013-4694-cve-2013-4695"
          },
          {
            "name": "1030107",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1030107"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/122978"
          },
          {
            "name": "60883",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/60883"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-07-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in gen_jumpex.dll in Winamp before 5.64 Build 3418 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a package with a long Skin directory name.  NOTE: a second buffer overflow involving a long GUI Search field to ml_local.dll was also reported. However, since it is only exploitable by the user of the application, this issue would not cross privilege boundaries unless Winamp is running under a highly restricted environment such as a kiosk."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20130701 [CVE-2013-4694] WinAmp v5.63 gen_jumpex.dll and ml_local.dll Multiple Buffer Overflows",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2013/Jul/4"
        },
        {
          "name": "26558",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "http://www.exploit-db.com/exploits/26558"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://forums.winamp.com/showthread.php?t=364291"
        },
        {
          "name": "winamp-cve20134694-bo(85399)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85399"
        },
        {
          "name": "94739",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/94739"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/122239/WinAmp-5.63-Buffer-Overflow.html"
        },
        {
          "name": "94740",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/94740"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.rcesecurity.com/2013/07/winamp-v5-64-fixes-several-code-execution-vulnerabilities-cve-2013-4694-cve-2013-4695"
        },
        {
          "name": "1030107",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1030107"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/122978"
        },
        {
          "name": "60883",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/60883"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2013-4694",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in gen_jumpex.dll in Winamp before 5.64 Build 3418 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a package with a long Skin directory name.  NOTE: a second buffer overflow involving a long GUI Search field to ml_local.dll was also reported. However, since it is only exploitable by the user of the application, this issue would not cross privilege boundaries unless Winamp is running under a highly restricted environment such as a kiosk."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20130701 [CVE-2013-4694] WinAmp v5.63 gen_jumpex.dll and ml_local.dll Multiple Buffer Overflows",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2013/Jul/4"
            },
            {
              "name": "26558",
              "refsource": "EXPLOIT-DB",
              "url": "http://www.exploit-db.com/exploits/26558"
            },
            {
              "name": "http://forums.winamp.com/showthread.php?t=364291",
              "refsource": "CONFIRM",
              "url": "http://forums.winamp.com/showthread.php?t=364291"
            },
            {
              "name": "winamp-cve20134694-bo(85399)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85399"
            },
            {
              "name": "94739",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/94739"
            },
            {
              "name": "http://packetstormsecurity.com/files/122239/WinAmp-5.63-Buffer-Overflow.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/122239/WinAmp-5.63-Buffer-Overflow.html"
            },
            {
              "name": "94740",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/94740"
            },
            {
              "name": "https://www.rcesecurity.com/2013/07/winamp-v5-64-fixes-several-code-execution-vulnerabilities-cve-2013-4694-cve-2013-4695",
              "refsource": "MISC",
              "url": "https://www.rcesecurity.com/2013/07/winamp-v5-64-fixes-several-code-execution-vulnerabilities-cve-2013-4694-cve-2013-4695"
            },
            {
              "name": "1030107",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1030107"
            },
            {
              "name": "http://packetstormsecurity.com/files/122978",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/122978"
            },
            {
              "name": "60883",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/60883"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2013-4694",
    "datePublished": "2014-04-16T22:00:00",
    "dateReserved": "2013-06-26T00:00:00",
    "dateUpdated": "2024-08-06T16:52:27.127Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2013-4694\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2014-04-16T22:55:06.137\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Stack-based buffer overflow in gen_jumpex.dll in Winamp before 5.64 Build 3418 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a package with a long Skin directory name.  NOTE: a second buffer overflow involving a long GUI Search field to ml_local.dll was also reported. However, since it is only exploitable by the user of the application, this issue would not cross privilege boundaries unless Winamp is running under a highly restricted environment such as a kiosk.\"},{\"lang\":\"es\",\"value\":\"Desbordamiento de buffer basado en pila en gen_jumpex.dll en Winamp anterior a 5.64 Build 3418 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) y posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de un paquete con un nombre de directorio Skin largo.  NOTA: un segundo desbordamiento de buffer involucrando un campo de b\u00fasqueda GUI largo hacia ml_local.dll fue tambi\u00e9n reportado. Sin embargo, como solo es explotable por el usuario de la aplicaci\u00f3n, este problema no cruzar\u00eda l\u00edmites de privilegio a no ser que Winamp est\u00e1 funcionando bajo un entorno altamente restringido como un kiosk.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"5.63\",\"matchCriteriaId\":\"94EFEBF8-7740-4AEF-BE59-59FD6AEF6215\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:0.20a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8C15A30-0EEF-4E58-BF7B-8F9E0814BF7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:0.92:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"32036D60-6151-4607-B181-9E1C30ABAE81\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:1.006:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D38C91F9-8371-4BE5-8ADD-CC38BC7584E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:1.90:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0873D86-C669-4FEE-83F1-70B61E1DEE8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CAFFD8E7-A443-4131-9CFB-67AA9739E6E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"32A6660A-1306-44C0-BA92-D57D0F3ADD03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:2.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE9C4D33-C782-4B10-95C2-050BCD745DF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:2.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E0581F9-9B99-43F6-852E-BD28BB47B169\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:2.91:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CEA7967-D737-4B46-9382-A391DF832219\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:2.92:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E08D39F3-4FE4-4256-AA33-33C29826B423\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:2.95:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"830610D8-1B42-4560-ABB4-BA79DD145110\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"13EFF2D1-D88F-436F-8E82-EAE681DE7AA9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.01:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"828226F9-29AA-437F-8385-B75A6F4F3B5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.1:-:surround:*:*:*:*:*\",\"matchCriteriaId\":\"5256EEBD-E142-4DCA-AC2E-97F20E32E18B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.02:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BAD7DE0D-1018-4E04-A771-B2C619E95C0F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"798885D9-B518-4C10-81B9-32AEB512C14D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E5EF1ED-9AA1-41D0-8781-619F8F50F4FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.03:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"35D38D15-3588-49E4-9396-11DB96FBD448\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED120987-6F27-4D8E-95DF-E19EBCB0B8D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.05:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FF40252-7E87-4EE6-B2C7-19E8D78C4025\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E02CCF2-2335-4F08-8061-6CFD7C8B265A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.06:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B48A746C-1020-4A9C-A9D4-94B6FFFA1FDF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.07:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF272FF7-68ED-4D8B-9C17-D9D46AA33335\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.08c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8FAD29A-6A61-4201-A0E6-1F04BF093600\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.08d:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07EE09C3-B49C-4D7D-BCD1-2AA2104A271A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.08e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E4497A5-6E95-4CB3-999E-53BF890A23F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.09:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"057B033C-7836-41E0-B184-F9D5DFC42C86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"20168350-2AD1-4AF4-B0AA-4C2EBF616259\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B39A6931-A3CD-44A7-B170-53B803F321AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A651DB07-0A59-41C5-8788-6A3594A5023C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"199953E2-C5A4-4D7B-9BB4-EF0B1364F117\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE765893-71E4-4945-891C-976B97762CC6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BEF245AA-7038-4BD4-B2CB-8B0E59200875\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DEF8714-56FC-4D6C-AE87-072ADD7698A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E808BCEF-FE45-44D3-B22B-404BC97B89C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA6E29C6-CDC9-4C0B-8D79-8A5A11B563CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C14B9D39-BF74-4C69-92BF-DE6E71FDD911\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.34:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD83F571-1A58-4159-AC2F-7261F135EF45\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB054736-2F91-4EF3-B04F-80403676374F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"287E954F-6A04-442A-B93E-CDD2ABEB357E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.51:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FEE5A4C-770A-458B-AC1A-8F1F99A0951A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.51:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"F68A5E59-389B-4308-9D41-D665680EEC52\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.52:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B58E9493-556E-4085-B337-AE211A28DA6C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.53:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C4F66E7-7F61-4F59-9213-21598A3DFD50\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.54:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C6E95D5-D855-4CD4-B44B-66FF029EC823\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.54:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"402F8767-1788-48BB-BCBE-E9E6B5F40396\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.55:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"218E9850-70F5-4579-9549-47DD16ECD2B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.55:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"147C01F2-11E0-495A-916E-7C66D8CF4104\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.56:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8DB36DD4-0F68-4A47-80D3-F326169BC2FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.57:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E23370CB-AA61-4C6A-A742-1DC2050926A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.58:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88B4B254-A4B1-4B3D-9FD6-5E0C4C3E7678\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.59:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"F779958C-39AA-4AE8-895B-0BC1FA5401E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.61:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFE65516-EA95-4DAE-93F5-FE19FFD9F04D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.091:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6C6A1F15-A3FA-40FB-980A-569F77E1D104\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.093:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"684ABC3F-57CB-490B-ADCB-501E0D234E16\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.094:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3BB30030-A195-4626-AAED-D421454D911D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.111:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ADB3FCB9-6CF4-4513-9FB9-D01C58079060\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.112:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"913962D9-84AA-4474-800E-5DABF37D52A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.531:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"35698C89-EACF-4ABF-BA67-AF59B8BD2928\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.541:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"951898A7-A060-4853-8C4E-99927794C0FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.551:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AEB33D5A-C2A0-4526-8774-89BA4C079533\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.552:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DA20F35-AC57-4B5B-9EF1-8A4393BD1B33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.572:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D58D69A-8179-400C-8118-866FB1729DD6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.581:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C841E22-820E-40F6-864D-ED4485180F7F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nullsoft:winamp:5.623:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5CFCAE4-62A4-4447-BBB9-775DB8FAD662\"}]}]}],\"references\":[{\"url\":\"http://forums.winamp.com/showthread.php?t=364291\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://osvdb.org/94739\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://osvdb.org/94740\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://packetstormsecurity.com/files/122239/WinAmp-5.63-Buffer-Overflow.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://packetstormsecurity.com/files/122978\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://seclists.org/fulldisclosure/2013/Jul/4\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.exploit-db.com/exploits/26558\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.securityfocus.com/bid/60883\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.securitytracker.com/id/1030107\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/85399\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.rcesecurity.com/2013/07/winamp-v5-64-fixes-several-code-execution-vulnerabilities-cve-2013-4694-cve-2013-4695\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://forums.winamp.com/showthread.php?t=364291\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://osvdb.org/94739\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://osvdb.org/94740\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://packetstormsecurity.com/files/122239/WinAmp-5.63-Buffer-Overflow.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://packetstormsecurity.com/files/122978\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://seclists.org/fulldisclosure/2013/Jul/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.exploit-db.com/exploits/26558\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.securityfocus.com/bid/60883\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.securitytracker.com/id/1030107\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/85399\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.rcesecurity.com/2013/07/winamp-v5-64-fixes-several-code-execution-vulnerabilities-cve-2013-4694-cve-2013-4695\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.