Signature Detail
Short Name |
HTTP:STC:DL:MAL-MEDIA-RCE |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Malformed Media Files Processing Remote Code Execution |
Release Date |
2012/11/11 |
Update Number |
2202 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Malformed Media Files Processing Remote Code Execution
This signature detects attempts to exploit a known vulnerability against Malformed Media File. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the affected application.
Extended Description
Nullsoft Winamp is prone to a denial-of-service vulnerability when processing malformed MIDI files. Successfully exploiting this issue allows remote attackers to crash affected applications. Code execution may also be possible, but this has not been confirmed. This issue is reported to affect Winamp 5.3; other versions may also be affected.
Affected Products
- NullSoft Winamp 5.3
References
- BugTraq: 47088
- BugTraq: 23568
- BugTraq: 26804
- BugTraq: 47084
- BugTraq: 38837
- BugTraq: 18507
- BugTraq: 22938
- BugTraq: 45221
- BugTraq: 38733
- CVE: CVE-2010-1042
- CVE: CVE-2006-3228
- CVE: CVE-2008-4927
- CVE: CVE-2008-5745
- CVE: CVE-2009-3201
- CVE: CVE-2007-3895
- CVE: CVE-2007-1492
- CVE: CVE-2007-2180