Winamp < 5.13 Playlist Handling Multiple Overflows

This script is Copyright (C) 2006-2011 Tenable Network Security, Inc.


Synopsis :

A multimedia application that is vulnerable to multiple buffer
overflows is installed on the remote Windows host.

Description :

The remote host is using Winamp, a popular media player for Windows.

It's possible that a remote attacker using a specially crafted M3U or
PLS file can cause a buffer overflow in the version of Winamp
installed on the remote Windows host, resulting in a crash of the
application and even execution of arbitrary code remotely subject to
the user's privileges. Note that these issues can reportedly be
exploited without user interaction by linking to a '.pls' file in an
IFRAME tag.

See also :

http://www.vupen.com/exploits/20060129.winamp0day.c.php
http://www.nessus.org/u?215564e1
http://www.nessus.org/u?25ab0f36
http://www.winamp.com/player/version-history

Solution :

Upgrade to Winamp version 5.13 or later.

Risk factor :

High / CVSS Base Score : 7.6
(CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.9
(CVSS2#E:F/RL:W/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 20826 ()

Bugtraq ID: 16410
16462

CVE ID: CVE-2005-3188
CVE-2006-0476

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now