Signature Detail
Short Name |
HTTP:STC:WINAMP:M3U-BOF |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Nullsoft Winamp M3U Remote Buffer Overflow |
Release Date |
2006/03/29 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Nullsoft Winamp M3U Remote Buffer Overflow
This signature detects attempts to exploit a known vulnerability in the M3U file parsing component of Nullsoft Winamp. Because of a failure to properly sanitize the length of a field containing a media file name, an attacker could entice a user to open a maliciously crafted M3U file, thereby allowing arbitrary code execution on the target system.
Extended Description
Winamp is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to crash the application, effectively denying service to legitimate users. An attacker may be able to exploit this issue to execute arbitrary code on the victim user's computer; this has not been confirmed. This issue is reported to affect version 5.13; other versions may also be vulnerable. This issue may be related to BID 9923 (NullSoft Winamp Malformed File Name Denial of Service Vulnerability).
Affected Products
- NullSoft Winamp 5.13
References
- BugTraq: 16623
- CVE: CVE-2006-0708
- URL: http://www.sans.org/newsletters/risk/display.php?v=5&i=7#widely4