Reported April 5, 2004, by
NGSSoftware.
VERSIONS
AFFECTED
·
Nullsoft Winamp
2.91 to 5.02
DESCRIPTION
A heap overflow condition in
Nullsoft's Winamp Player versions 2.91 to 5.02 could cause execution of
arbitrary code on the vulnerable system. The vulnerability results from a lack
of boundary checking by the Winamp media plug-in in_mod.dll within the code that
loads Fasttracker 2 (.xm) MOD media files. The discoverer's research team has
proved that code execution is possible and that an attacker can activate a
malicious media file remotely simply by rendering a specially crafted HTML
document.
VENDOR
RESPONSE
The vendor,
Nullsoft has released
Winamp 5.03, which is not vulnerable.
CREDIT
Discovered by
NGSSoftware.