CVE-2013-4694

Name of the Vulnerable Software and Affected Versions Winamp versions prior to 5.64 Build 3418

Description The issue is related to a stack-based buffer overflow in the gen jumpex.dll component, which can be triggered by a package with a long Skin directory name. This could lead to a denial of service (crash) and potentially allow the execution of arbitrary code. Additionally, there is a second buffer overflow issue involving a long GUI Search field to ml local.dll, although this one is only exploitable by the user of the application and would not typically cross privilege boundaries.

Recommendations For versions prior to 5.64 Build 3418, update to version 5.64 Build 3418 or later to resolve the issue. As a temporary workaround, consider avoiding the use of packages with long Skin directory names and restricting the length of the GUI Search field to prevent potential exploitation.