Winamp < 5.601 MIDI Timestamp Stack-based Buffer Overflow
High Nessus Plugin ID 51091
SynopsisThe remote Windows host contains a multimedia application that is affected by stack-based buffer overflow vulnerability.
DescriptionThe remote host is running Winamp, a media player for Windows.
The version of Winamp installed on the remote host is earlier than 5.601. Such versions are potentially affected by a stack-based buffer overflow vulnerability due to an error in the 'in_midi.ddl' plugin that improperly serializes timestamps in MIDI files. A malicious, crafted MIDI file can cause the application to overwrite the saved base pointer and allow execution of arbitrary code.
SolutionUpgrade to Winamp 5.601 or later.