Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Winamp < 5.31 Multiple Heap Overflows

Low

Synopsis

The remote host is vulnerable to a heap overflow.

Description

The remote host is running Winamp, a multi-media software application. This version of Winamp is vulnerable to multiple heap overflows. Specifically, the application fails to handle buffers when handling 'ultravox-max' and 'Lyrics3' tags. An attacker exploiting this flaw would need to be able to convince a user into perusing a malicious media server. Successful exploitation would give the attacker the ability to execute code with the privileges of the user running Winamp.

Solution

Upgrade to version 5.31 or higher.