Winamp < 5.623 Multiple Integer Overflows

This script is Copyright (C) 2011-2016 Tenable Network Security, Inc.


Synopsis :

The remote Windows host contains a multimedia application that is
affected by multiple integer overflow vulnerabilities.

Description :

The remote host is running Winamp, a media player for Windows.

The version of Winamp installed on the remote host is earlier than
5.623 and thus is reportedly affected by the following integer
overflow vulnerabilities :

- An integer-overflow vulnerability exists in 'in_avi.dll'
when allocating memory using the number of stream
headers. An attacker can trigger a heap overflow by
enticing an unsuspecting user to open a specially
crafted AVI file.

- An integer-overflow vulnerability exists in 'in_avi.dll'
when parsing the 'RIFF INFO' chunk included in an AVI
file. An attacker can exploit this issue by enticing an
unsuspecting victim to open a specially crafted AVI
file.

- An integer-overflow vulnerability exists in 'in_avi.dll'
when parsing song message data included in an Impulse
Tracker (IT) file. Successful exploits will allow
arbitrary code to run in the context of the application.
Failed attacks will cause denial of service
conditions.
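
The first item above describes the common pattern in which a file-supplied element count is multiplied into an allocation size. The following C sketch is an added example, not Winamp or Tenable code: the `stream_entry` layout, the `MAX_STREAMS` cap and all function names are assumptions, and it shows the wrapping size computation beside a checked form.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical 16-byte per-stream record; not the real in_avi.dll layout. */
typedef struct {
    uint32_t type, handler, scale, rate;
} stream_entry;

#define MAX_STREAMS 64u /* assumed sanity cap for this example */

/* Flawed pattern: the byte count is computed in 32-bit arithmetic,
 * so a large file-supplied count wraps to a small allocation size. */
uint32_t unchecked_size(uint32_t count)
{
    return count * (uint32_t)sizeof(stream_entry);
}

/* Hardened pattern: bound the count, then prove the multiplication
 * cannot wrap before doing it. Returns 0 and sets *out, or -1 to reject. */
int checked_size(uint32_t count, uint32_t *out)
{
    if (count == 0 || count > MAX_STREAMS)
        return -1;
    /* Redundant under the cap above; keeps the check valid if the cap grows. */
    if (count > UINT32_MAX / sizeof(stream_entry))
        return -1;
    *out = count * (uint32_t)sizeof(stream_entry);
    return 0;
}

/* Allocate the table only after the size has been validated. */
stream_entry *alloc_streams(uint32_t count)
{
    uint32_t bytes;
    if (checked_size(count, &bytes) != 0)
        return NULL;
    return calloc(count, sizeof(stream_entry));
}

int main(void)
{
    uint32_t large_count = 0x10000001u; /* constructed header value */
    printf("unchecked: %u entries -> %u bytes\n",
           large_count, unchecked_size(large_count));
    printf("checked:   %s\n", alloc_streams(large_count) ? "allocated" : "rejected");
    return 0;
}
```

With the unchecked form, a loop that later writes `count` entries runs far past the 16-byte buffer, which is how the integer overflow becomes a heap overflow.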

See also :

http://secunia.com/secunia_research/2011-81/
http://forums.winamp.com/showthread.php?t=332010

Solution :

Upgrade to Winamp 5.623 (5.6.2.3199) or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.7
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 57363

Bugtraq ID: 51015

CVE ID: CVE-2011-3834
