Vulnerability Description
Buffer overflow in Nullsoft Winamp 5.094 allows remote attackers to execute arbitrary code via (1) an m3u file containing a long line ending in .wma or (2) a pls file containing a long File1 value ending in .wma, a different vulnerability than CVE-2006-0476.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Nullsoft | Winamp | 5.094 |
References
- http://securityreason.com/securityalert/397
- http://securitytracker.com/id?1015565Patch
- http://securitytracker.com/id?1015621Vendor Advisory
- http://www.idefense.com/intelligence/vulnerabilities/display.php?id=378ExploitPatchVendor Advisory
- http://www.osvdb.org/22975Patch
- http://www.securityfocus.com/bid/16462
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24417
- http://securityreason.com/securityalert/397
- http://securitytracker.com/id?1015565Patch
- http://securitytracker.com/id?1015621Vendor Advisory
- http://www.idefense.com/intelligence/vulnerabilities/display.php?id=378ExploitPatchVendor Advisory
- http://www.osvdb.org/22975Patch
- http://www.securityfocus.com/bid/16462
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24417
FAQ
What is CVE-2005-3188?
CVE-2005-3188 is a vulnerability with a CVSS score of 7.6 (HIGH). Buffer overflow in Nullsoft Winamp 5.094 allows remote attackers to execute arbitrary code via (1) an m3u file containing a long line ending in .wma or (2) a pls file containing a long File1 value end...
How severe is CVE-2005-3188?
CVE-2005-3188 has been rated HIGH with a CVSS base score of 7.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-3188?
Check the references section above for vendor advisories and patch information. Affected products include: Nullsoft Winamp.