Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Winamp < 5.13 Malformed Playlist File Handling Overflow

Medium

Synopsis

A multimedia application that is affected by a buffer overflow vulnerability is installed on the remote Windows host.

Description

The remote host is using Winamp, a popular media player for Windows. It's possible that a remote attacker using a specially-crafted playlist can cause a buffer overflow in the version of Winamp installed on the remote host resulting in a crash of the application or even execution of arbitrary code remotely subject to the user's privileges. This flaw can reportedly be exploited without user interaction by linking to a '.pls' file in an IFRAME tag.

Solution

Upgrade to version 5.13 or higher.