Winamp Ultravox Streaming Metadata Parsing Buffer Overflow Vulnerabilities

Last Update Date: 28 Jan 2011 Release Date: 21 Jan 2008 5579 Views

RISK: Medium Risk

Medium Risk

Multiple vulnerabilities have been identified in Winamp, which could be exploited by remote attackers to cause a denial of service or take complete control of an affected system. These issues are caused by buffer overflow errors in "in_mp3.dll" when constructing stream titles while parsing Ultravox streaming metadata, which could be exploited by remote attackers to execute arbitrary code via overly long "<artist>" and "<name>" tag values in the <metadata> section.

Impact

  • Denial of Service

System / Technologies affected

  • Winamp version 5.51 and prior

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Upgrade to Winamp version 5.52 :
http://www.winamp.com/player

Vulnerability Identifier

  • No CVE information is available

Source

    Related Link

    Share with

    Previous

    HP Oracle for OpenView Multiple Vulnerabilities

    21 Jan 2008 5584 Views

    Next

    Cisco Wireless Control System Apache Tomcat JK Web Server Connector Buffer Overflow Vulnerability

    1 Feb 2008 5735 Views

    We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

    PRIVACY POLICY