CVE-2006-3228

Buffer overflow in in_midi.dll for WinAmp 2.90 up to 5.23, including 5.21, allows remote attackers to execute arbitrary code via a crafted .mid (MIDI) file.

Published: Jun 26, 2006
Updated: Apr 13, 2023
CVE: CVE-2006-3228
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
nullsoft / winamp	5.093	5.093.x
nullsoft / winamp	5.09	5.09.x
nullsoft / winamp	5.05	5.05.x
nullsoft / winamp	2.90	2.90.x
nullsoft / winamp	5.02	5.02.x
nullsoft / winamp	5.01	5.01.x
nullsoft / winamp	5.0.2	5.0.2.x
nullsoft / winamp	3.1	3.1.x
nullsoft / winamp	-	5.23.x
nullsoft / winamp	5.12	5.12.x
nullsoft / winamp	2.91	2.91.x
nullsoft / winamp	5.21	5.21.x
nullsoft / winamp	5.094	5.094.x
nullsoft / winamp	5.1	5.1.x
nullsoft / winamp	5.04	5.04.x
nullsoft / winamp	5.03a	5.03a.x
nullsoft / winamp	5.08d	5.08d.x
nullsoft / winamp	5.0.1	5.0.1.x
nullsoft / winamp	5.11	5.11.x
nullsoft / winamp	5.06	5.06.x
nullsoft / winamp	5.07	5.07.x
nullsoft / winamp	5.13	5.13.x
nullsoft / winamp	5.091	5.091.x
nullsoft / winamp	5.2	5.2.x
nullsoft / winamp	3.0	3.0.x
nullsoft / winamp	2.95	2.95.x
nullsoft / winamp	5.03	5.03.x
nullsoft / winamp	5.0	5.0.x
nullsoft / winamp	5.08e	5.08e.x
nullsoft / winamp	5.08c	5.08c.x

Vulnerability Database

289,784

CVE-2006-3228