Summary
This host is installed with Winamp and is prone to insecure library loading vulnerability.
Impact
Successful exploitation will allow attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wnaspi32.dll.
Impact Level: Application.
Solution
Upgrade to version 5.6 or later,
For updates refer to http://www.winamp.com/media-player
Insight
The flaw is due to the application loading libraries in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into opening an 'ASX' file located on a remote WebDAV or SMB share.
Affected
Nullsoft Winamp version 5.581 and prior.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2010-3137 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities