CVE-2010-2586

Name of the Vulnerable Software and Affected Versions Winamp versions prior to 5.6

Description The issue is caused by multiple integer overflows in the in nsv.dll component of the in nsv plugin. This allows remote attackers to execute arbitrary code via a crafted Table of Contents (TOC) in either an NSV stream or an NSV file, triggering a heap-based buffer overflow.

Recommendations For versions prior to 5.6, update to version 5.6 or later to resolve the issue. As a temporary workaround, consider disabling the in nsv plugin until a patch is available. Restrict access to NSV streams and files to minimize the risk of exploitation. Avoid using the in nsv plugin to play NSV files or streams until the issue is resolved.