Winamp < 5.52 Ultravox Streaming Metadata Parsing Buffer Overflows

Medium Nessus Network Monitor Plugin ID 4347


The remote Windows host contains a multimedia application that is affected by multiple buffer overflow vulnerabilities.


The remote host is running Winamp, a popular media player for Windows. The version of Winamp installed on the remote Windows host reportedly contains two stack-based buffer overflows in 'in_mp3.dll' when parsing Ultravox streaming metadata, which can be triggered by overly long '<artist>' and '<name>' tag values. An attacker who can trick a user on the affected host into opening a specially crafted file may be able to leverage this issue to execute arbitrary code on the host, subject to the user's privileges.


Upgrade to version 5.52 or higher.

Plugin Details

Severity: Medium

ID: 4347

File Name: 4347.prm

Family: Generic

Published: 2008/01/18

Modified: 2016/01/19

Dependencies: 1735, 8314

Nessus ID: 29998

Risk Information

Risk Factor: Medium


Base Score: 6.8

Temporal Score: 5.6

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C


Base Score: 5.6

Temporal Score: 5.2


Temporal Vector: CVSS3#E:F/RL:O/RC:C

Exploitable With

Core Impact

Metasploit (Winamp Ultravox Streaming Metadata (in_mp3.dll) Buffer Overflow)

Reference Information

CVE: CVE-2008-0065

BID: 27344