APP: WinAmp CDA Device Name Overflow
This signature detects malformed CDA URIs within an HTTP stream. Attackers can create a malicious play list that, when selected by a user, overflows a buffer allocated by WinAmp and enables an attacker to take control of the user's system.
Extended Description
A remote buffer overflow vulnerability affects the IN_CDDA.dll library of Nullsoft's Winamp. This issue is due to a failure of the application to properly validate the length of user-supplied strings prior to copying them into finite process buffers. It should be noted that this issue is not related to the issue outlined in BID 11730 (Nullsoft Winamp IN_CDDA.dll Remote Buffer Overflow Vulnerability). This issue will facilitate remote exploitation as an attacker may distribute malicious play-list files and entice unsuspecting users to process them with the affected application. It should be noted that this issue was originally reported in BID 12245 (Nullsoft Winamp Multiple Unspecified Vulnerabilities). It has been assigned a new BID due to the release of more information. An attacker may exploit this issue to execute arbitrary code with the privileges of the user that activated the vulnerable application.
Affected Products
Nullsoft winamp
Short Name
APP:WINAMP:CDA-DEV-NAME-OF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
CDA CVE-2004-1150 Device Name Overflow WinAmp bid:12381
Release Date
02/15/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Nullsoft
CVSS Score
5.1