What is the severity of CVE-2012-3890?

CVE-2012-3890 has a severity rating that allows remote attackers to cause a denial of service through heap memory corruption.

How do I fix CVE-2012-3890?

To fix CVE-2012-3890, update Winamp to version 5.63 or later, as this version addresses the vulnerability.

What versions of Winamp are affected by CVE-2012-3890?

CVE-2012-3890 affects all Winamp versions prior to and including 5.62.

What type of attack is associated with CVE-2012-3890?

CVE-2012-3890 is associated with remote denial of service attacks that exploit heap memory corruption.

Are there any workarounds for CVE-2012-3890?

There are no recommended workarounds for CVE-2012-3890, and the best course is to update to the fixed version of Winamp.

Vulnerability/
CVE-2012-3890

medium

6.8

CWE

119

11/7/2012

6/8/2024

CVE-2012-3890: Buffer Overflow

First published: Wed Jul 11 2012(Updated: )

The in_mod plugin in Winamp before 5.63 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a .IT file.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Winamp iPod Plugin	<=5.623
Winamp iPod Plugin	=0.20a
Winamp iPod Plugin	=0.92
Winamp iPod Plugin	=1.006
Winamp iPod Plugin	=1.90
Winamp iPod Plugin	=2.0
Winamp iPod Plugin	=2.6
Winamp iPod Plugin	=2.9
Winamp iPod Plugin	=2.10
Winamp iPod Plugin	=2.91
Winamp iPod Plugin	=2.92
Winamp iPod Plugin	=2.95
Winamp iPod Plugin	=5.0
Winamp iPod Plugin	=5.01
Winamp iPod Plugin	=5.1
Winamp iPod Plugin	=5.02
Winamp iPod Plugin	=5.2
Winamp iPod Plugin	=5.3
Winamp iPod Plugin	=5.03
Winamp iPod Plugin	=5.04
Winamp iPod Plugin	=5.05
Winamp iPod Plugin	=5.5
Winamp iPod Plugin	=5.06
Winamp iPod Plugin	=5.07
Winamp iPod Plugin	=5.08c
Winamp iPod Plugin	=5.08d
Winamp iPod Plugin	=5.08e
Winamp iPod Plugin	=5.09
Winamp iPod Plugin	=5.11
Winamp iPod Plugin	=5.12
Winamp iPod Plugin	=5.13
Winamp iPod Plugin	=5.21
Winamp iPod Plugin	=5.22
Winamp iPod Plugin	=5.23
Winamp iPod Plugin	=5.24
Winamp iPod Plugin	=5.31
Winamp iPod Plugin	=5.32
Winamp iPod Plugin	=5.33
Winamp iPod Plugin	=5.34
Winamp iPod Plugin	=5.35
Winamp iPod Plugin	=5.36
Winamp iPod Plugin	=5.51
Winamp iPod Plugin	=5.51-beta
Winamp iPod Plugin	=5.52
Winamp iPod Plugin	=5.53
Winamp iPod Plugin	=5.54
Winamp iPod Plugin	=5.54-beta
Winamp iPod Plugin	=5.55
Winamp iPod Plugin	=5.55-beta
Winamp iPod Plugin	=5.56
Winamp iPod Plugin	=5.57
Winamp iPod Plugin	=5.59-beta
Winamp iPod Plugin	=5.61
Winamp iPod Plugin	=5.091
Winamp iPod Plugin	=5.093
Winamp iPod Plugin	=5.094
Winamp iPod Plugin	=5.111
Winamp iPod Plugin	=5.112
Winamp iPod Plugin	=5.531
Winamp iPod Plugin	=5.541
Winamp iPod Plugin	=5.572
Winamp iPod Plugin	=5.581

Remedy

http://forums.winamp.com/showthread.php?t=345684

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2012-3890?
CVE-2012-3890 has a severity rating that allows remote attackers to cause a denial of service through heap memory corruption.
How do I fix CVE-2012-3890?
To fix CVE-2012-3890, update Winamp to version 5.63 or later, as this version addresses the vulnerability.
What versions of Winamp are affected by CVE-2012-3890?
CVE-2012-3890 affects all Winamp versions prior to and including 5.62.
What type of attack is associated with CVE-2012-3890?
CVE-2012-3890 is associated with remote denial of service attacks that exploit heap memory corruption.
Are there any workarounds for CVE-2012-3890?
There are no recommended workarounds for CVE-2012-3890, and the best course is to update to the fixed version of Winamp.

agent/references
agent/type
collector/mitre-cve
source/MITRE
agent/weakness
agent/remedy
agent/severity
agent/author
agent/last-modified-date
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
vendor/nullsoft
canonical/nullsoft winamp
version/nullsoft winamp/5.623
version/nullsoft winamp/0.20a
version/nullsoft winamp/0.92
version/nullsoft winamp/1.006
version/nullsoft winamp/1.90
version/nullsoft winamp/2.0
version/nullsoft winamp/2.6
version/nullsoft winamp/2.9
version/nullsoft winamp/2.10
version/nullsoft winamp/2.91
version/nullsoft winamp/2.92
version/nullsoft winamp/2.95
version/nullsoft winamp/5.0
version/nullsoft winamp/5.01
version/nullsoft winamp/5.1
version/nullsoft winamp/5.02
version/nullsoft winamp/5.2
version/nullsoft winamp/5.3
version/nullsoft winamp/5.03
version/nullsoft winamp/5.04
version/nullsoft winamp/5.05
version/nullsoft winamp/5.5
version/nullsoft winamp/5.06
version/nullsoft winamp/5.07
version/nullsoft winamp/5.08c
version/nullsoft winamp/5.08d
version/nullsoft winamp/5.08e
version/nullsoft winamp/5.09
version/nullsoft winamp/5.11
version/nullsoft winamp/5.12
version/nullsoft winamp/5.13
version/nullsoft winamp/5.21
version/nullsoft winamp/5.22
version/nullsoft winamp/5.23
version/nullsoft winamp/5.24
version/nullsoft winamp/5.31
version/nullsoft winamp/5.32
version/nullsoft winamp/5.33
version/nullsoft winamp/5.34
version/nullsoft winamp/5.35
version/nullsoft winamp/5.36
version/nullsoft winamp/5.51
version/nullsoft winamp/5.51-beta
version/nullsoft winamp/5.52
version/nullsoft winamp/5.53
version/nullsoft winamp/5.54
version/nullsoft winamp/5.54-beta
version/nullsoft winamp/5.55
version/nullsoft winamp/5.55-beta
version/nullsoft winamp/5.56
version/nullsoft winamp/5.57
version/nullsoft winamp/5.59-beta
version/nullsoft winamp/5.61
version/nullsoft winamp/5.091
version/nullsoft winamp/5.093
version/nullsoft winamp/5.094
version/nullsoft winamp/5.111
version/nullsoft winamp/5.112
version/nullsoft winamp/5.531
version/nullsoft winamp/5.541
version/nullsoft winamp/5.572
version/nullsoft winamp/5.581