Описание
The Impulse Tracker (IT) and ScreamTracker 3 (S3M) modules in IN_MOD.DLL in AOL Nullsoft Winamp 5.33 allows remote attackers to execute arbitrary code via a crafted (1) .IT or (2) .S3M file containing integer values that are used as memory offsets, which triggers memory corruption.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:nullsoft:winamp:5.33:*:*:*:*:*:*:*
EPSS
Процентиль: 95%
0.15636
Средний
9.3 Critical
CVSS2
Дефекты
CWE-20
Связанные уязвимости
github
почти 4 года назад
The Impulse Tracker (IT) and ScreamTracker 3 (S3M) modules in IN_MOD.DLL in AOL Nullsoft Winamp 5.33 allows remote attackers to execute arbitrary code via a crafted (1) .IT or (2) .S3M file containing integer values that are used as memory offsets, which triggers memory corruption.
EPSS
Процентиль: 95%
0.15636
Средний
9.3 Critical
CVSS2
Дефекты
CWE-20