Winamp < 5.52 Ultravox Streaming Metadata Parsing Buffer Overflows

Medium Nessus Network Monitor Plugin ID 4347

Synopsis

The remote Windows host contains a multimedia application that is affected by multiple buffer overflow vulnerabilities.

Description

The remote host is using Winamp, a popular media player for Windows. The version of Winamp installed on the remote Windows host reportedly contains two stack-based buffer overflows in 'in_mp3.dll' when parsing Ultravox streaming metadata that can be triggered by overly-long '&lt;artist&gt;' and '&lt;name&gt;' tag values. If an attacker can trick a user on the affected host into opening a specially-crafted file, he may be able to leverage this issue to execute arbitrary code on the host subject to the user's privileges.

Solution

Upgrade to version 5.52 or higher.

See Also

http://www.winamp.com/player/version-history

http://forums.winamp.com/showthread.php?threadid=285024

http://secunia.com/secunia_research/2008-2/advisory

Plugin Details

Severity: Medium

ID: 4347

File Name: 4347.prm

Family: Generic

Published: 2008/01/18

Modified: 2016/01/19

Dependencies: 1735, 8314

Nessus ID: 29998

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 6.8

Temporal Score: 5.6

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

CVSSv3

Base Score: 5.6

Temporal Score: 5.2

Vector: CVSS3#AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS3#E:F/RL:O/RC:C

Exploitable With

Core Impact

Metasploit (Winamp Ultravox Streaming Metadata (in_mp3.dll) Buffer Overflow)

Reference Information

CVE: CVE-2008-0065

BID: 27344