Signature Detail
Short Name |
HTTP:STC:WINAMP:CDDA-OF |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
WinAmp IN_CDDA.dll Buffer Overflow (1) |
Release Date |
2004/12/01 |
Update Number |
1213 |
Supported Platforms |
di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: WinAmp IN_CDDA.dll Buffer Overflow (1)
This signature detects the download of a maliciously crafted WinAmp playlist file. Attackers using WinAmp to open this file can execute arbitrary code.
Extended Description
A remote buffer overflow vulnerability affects the IN_CDDA.dll library of Nullsoft's Winamp. This issue is due to a failure of the application to properly validate the length of user-supplied strings prior to copying them into finite process buffers. The issue would most likely be exposed through a malicious playlist designed to trigger the issue. An attacker may exploit this issue to execute arbitrary code with the privileges of the user that activated the vulnerable application.
Affected Products
- NullSoft Winamp 5.0.0 1
- NullSoft Winamp 5.0.0 2
- NullSoft Winamp 5.0.0 3
- NullSoft Winamp 5.0.0 4
- NullSoft Winamp 5.0.0 5
- NullSoft Winamp 5.05
- NullSoft Winamp 5.06
References
- BugTraq: 11730
- CVE: CVE-2004-1119
- URL: http://www.securityfocus.com/archive/1/382008