CVE-2014-3442

Winamp 5.666 and earlier allows remote attackers to cause a denial of service (memory corruption and crash) via a malformed .FLV file, related to f263.w5s.

CVSS v2.0 4.3 MEDIUM

4.3^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:N/A:P

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://packetstormsecurity.com/files/126636	Exploit
http://www.securityfocus.com/bid/67429	Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/93173
http://packetstormsecurity.com/files/126636	Exploit
http://www.securityfocus.com/bid/67429	Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/93173

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:nullsoft:winamp::::::::
	cpe:2.3:a:nullsoft:winamp:5.0:::::::*
	cpe:2.3:a:nullsoft:winamp:5.01:::::::*
	cpe:2.3:a:nullsoft:winamp:5.02:::::::*
	cpe:2.3:a:nullsoft:winamp:5.2:::::::*
	cpe:2.3:a:nullsoft:winamp:5.3:::::::*
	cpe:2.3:a:nullsoft:winamp:5.03:::::::*
	cpe:2.3:a:nullsoft:winamp:5.04:::::::*
	cpe:2.3:a:nullsoft:winamp:5.05:::::::*
	cpe:2.3:a:nullsoft:winamp:5.5:::::::*
	cpe:2.3:a:nullsoft:winamp:5.06:::::::*
	cpe:2.3:a:nullsoft:winamp:5.07:::::::*
	cpe:2.3:a:nullsoft:winamp:5.08c:::::::*
	cpe:2.3:a:nullsoft:winamp:5.08d:::::::*
	cpe:2.3:a:nullsoft:winamp:5.08e:::::::*
	cpe:2.3:a:nullsoft:winamp:5.09:::::::*
	cpe:2.3:a:nullsoft:winamp:5.11:::::::*
	cpe:2.3:a:nullsoft:winamp:5.12:::::::*
	cpe:2.3:a:nullsoft:winamp:5.13:::::::*
	cpe:2.3:a:nullsoft:winamp:5.21:::::::*
	cpe:2.3:a:nullsoft:winamp:5.22:::::::*
	cpe:2.3:a:nullsoft:winamp:5.23:::::::*
	cpe:2.3:a:nullsoft:winamp:5.24:::::::*
	cpe:2.3:a:nullsoft:winamp:5.31:::::::*
	cpe:2.3:a:nullsoft:winamp:5.32:::::::*
	cpe:2.3:a:nullsoft:winamp:5.33:::::::*
	cpe:2.3:a:nullsoft:winamp:5.34:::::::*
	cpe:2.3:a:nullsoft:winamp:5.35:::::::*
	cpe:2.3:a:nullsoft:winamp:5.36:::::::*
	cpe:2.3:a:nullsoft:winamp:5.51:::::::*
	cpe:2.3:a:nullsoft:winamp:5.51:beta::::::
	cpe:2.3:a:nullsoft:winamp:5.52:::::::*
	cpe:2.3:a:nullsoft:winamp:5.53:::::::*
	cpe:2.3:a:nullsoft:winamp:5.54:::::::*
	cpe:2.3:a:nullsoft:winamp:5.54:beta::::::
	cpe:2.3:a:nullsoft:winamp:5.55:::::::*
	cpe:2.3:a:nullsoft:winamp:5.55:beta::::::
	cpe:2.3:a:nullsoft:winamp:5.56:::::::*
	cpe:2.3:a:nullsoft:winamp:5.57:::::::*
	cpe:2.3:a:nullsoft:winamp:5.58:::::::*
	cpe:2.3:a:nullsoft:winamp:5.59:beta::::::
	cpe:2.3:a:nullsoft:winamp:5.61:::::::*
	cpe:2.3:a:nullsoft:winamp:5.63:::::::*
	cpe:2.3:a:nullsoft:winamp:5.091:::::::*
	cpe:2.3:a:nullsoft:winamp:5.093:::::::*
	cpe:2.3:a:nullsoft:winamp:5.094:::::::*
	cpe:2.3:a:nullsoft:winamp:5.111:::::::*
	cpe:2.3:a:nullsoft:winamp:5.112:::::::*
	cpe:2.3:a:nullsoft:winamp:5.531:::::::*
	cpe:2.3:a:nullsoft:winamp:5.541:::::::*
	cpe:2.3:a:nullsoft:winamp:5.551:::::::*
	cpe:2.3:a:nullsoft:winamp:5.552:::::::*
	cpe:2.3:a:nullsoft:winamp:5.572:::::::*
	cpe:2.3:a:nullsoft:winamp:5.581:::::::*
	cpe:2.3:a:nullsoft:winamp:5.623:::::::*

History

21 Nov 2024, 02:08

Type	Values Removed	Values Added
References	~~() http://packetstormsecurity.com/files/126636 - Exploit~~	() http://packetstormsecurity.com/files/126636 - Exploit
References	~~() http://www.securityfocus.com/bid/67429 - Exploit~~	() http://www.securityfocus.com/bid/67429 - Exploit
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/93173 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/93173 -

Information

Published : 2014-05-23 14:55

Updated : 2024-11-21 02:08

NVD link : CVE-2014-3442

Mitre link : CVE-2014-3442

CVE.ORG link : CVE-2014-3442

JSON object : View

Products Affected

nullsoft

winamp

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

4.3 /10