Winamp < 5.52 Ultravox Streaming Metadata Parsing Buffer Overflows

medium Nessus Network Monitor Plugin ID 4347

Synopsis

The remote Windows host contains a multimedia application that is affected by multiple buffer overflow vulnerabilities.

Description

The remote host is using Winamp, a popular media player for Windows. The version of Winamp installed on the remote Windows host reportedly contains two stack-based buffer overflows in 'in_mp3.dll' when parsing Ultravox streaming metadata, which can be triggered by overly long '<artist>' and '<name>' tag values. An attacker who can trick a user on the affected host into opening a specially crafted file may be able to leverage this issue to execute arbitrary code on the host, subject to the user's privileges.

Solution

Upgrade to Winamp version 5.52 or higher.

See Also

http://www.winamp.com/player/version-history

http://forums.winamp.com/showthread.php?threadid=285024

http://secunia.com/secunia_research/2008-2/advisory

Plugin Details

Severity: Medium

ID: 4347

Family: Generic

Published: 1/18/2008

Updated: 3/6/2019

Nessus ID: 29998

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.6

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: Medium

Base Score: 5.6

Temporal Score: 5.2

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:nullsoft:winamp

Exploitable With

Core Impact

Metasploit (Winamp Ultravox Streaming Metadata (in_mp3.dll) Buffer Overflow)

Reference Information

CVE: CVE-2008-0065

BID: 27344