Skip to main content

Winamp Module Decoder Plug-in Buffer Overflow Vulnerabilities

Last Update Date: 28 Jan 2011 Release Date: 18 Dec 2009 5404 Views

RISK: Medium Risk

Multiple vulnerabilities have been identified in Winamp, which could be exploited by attackers to compromise a vulnerable system. These issues are caused by buffer and integer overflow errors in the Module Decoder Plug-in (IN_MOD.DLL) when processing malformed Impulse Tracker, Ultratracker or Oktalyzer files, which could be exploited by attackers to crash an affected player or execute arbitrary code by tricking a user into opening a specially crafted file.


Impact

  • Remote Code Execution

System / Technologies affected

  • Winamp version 5.56 and prior

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Upgrade to Winamp version 5.57 :
http://www.winamp.com/media-player


Vulnerability Identifier


Source


Related Link