QwikSec

Security Database

CVE

CWE

Training

CVE-2010-3137

Published: Aug 26, 2010

Modified: Aug 7, 2024

PUBLISHED

Description

Untrusted search path vulnerability in Nullsoft Winamp 5.581, and probably other versions, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wnaspi32.dll that is located in the same folder as a .669, .aac, .aiff, .amf, .au, .avr, .b4s, .caf or .cda file.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

exploit

x_refsource_EXPLOIT-DB

third-party-advisory

x_refsource_SECUNIA

http://www.cs.ucdavis.edu/research/tech-reports/2010/CSE-2010-2.pdf

x_refsource_MISC

oval:org.mitre.oval:def:6874

vdb-entry

signature

x_refsource_OVAL

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.