Winamplibsndfile.dll VOC File Processing Heap Overflow Vulnerability
RISK: Medium Risk
A vulnerability has been identified in Winamp, which could be exploited by remote attackers to compromise a vulnerable system.This issue is caused by a buffer overflow error when processing a malformed VOC file.
These issues are caused by buffer overflow errors in the "voc_read_header()" [src/voc.c] and "aiff_read_header()" [src/aiff.c] functions when processing specially crafted VOC and AIFF files, which could be exploited by attackers to crash an affected application or execute arbitrary code by tricking a user into opening a malicious file.
Successful exploitation may allow execution of arbitrary code.
Impact
- Remote Code Execution
System / Technologies affected
- Winamp version 5.552 and prior
Solutions
Note: It is not aware of any vendor-supplied patch.
Workaround:
Do not open untrusted files in Winamp.
Vulnerability Identifier
- No CVE information is available
Source
Related Link
Share with