APP: Winamp CAF File Processing Integer Overflow
This signature detects attempts to exploit a known vulnerability in Winamp. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the client.
Extended Description
The 'libsndfile' library is prone to a heap-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Attackers can exploit this issue to execute arbitrary code in the context of an application using the library. This can compromise the affected application and possibly the underlying computer. Failed attacks will likely cause denial-of-service conditions. This issue affects libsndfile 1.0.18; previous versions may also be vulnerable.
Affected Products
Debian linux
Short Name
APP:WINAMP:CAF-OF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
CAF CVE-2009-0186 File Integer Overflow Processing Winamp bid:33963
Release Date
09/17/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3339
False Positive
Unknown
Vendors
Red_hat
Libsndfile
Suse
Gentoo
Nullsoft
Pardus
Ubuntu
Mandriva
Debian
CVSS Score
9.3