icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Winamp < 5.13 Malformed Playlist File Handling Overflow

Medium

Synopsis

A multimedia application that is affected by a buffer overflow vulnerability is installed on the remote Windows host.

Description

The remote host is using Winamp, a popular media player for Windows. It's possible that a remote attacker using a specially-crafted playlist can cause a buffer overflow in the version of Winamp installed on the remote host resulting in a crash of the application or even execution of arbitrary code remotely subject to the user's privileges. This flaw can reportedly be exploited without user interaction by linking to a '.pls' file in an IFRAME tag.

Solution

Upgrade to version 5.13 or higher.