APP: Nullsoft Winamp MP4 Files Handling Memory Corruption
This signature detects attempts to exploit a known memory corruption vulnerability against Nullsoft Winamp. A successful attack can lead to arbitrary code execution.
Extended Description
Winamp is prone to a buffer-overflow vulnerability when it attempts to process certain files. This issue occurs because the application fails to properly check boundaries on user-supplied data before copying it to an insufficiently sized memory buffer. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the vulnerable application. Failed exploit attempts will likely result in denial-of-service conditions. This issue affects Winamp 5.02 through 5.34. UPDATE: The vendor states that this issue will be addressed in Winamp 5.35.
Affected Products
Nullsoft winamp
References
BugTraq: 23723
Short Name
APP:WINAMP:MP4-MC
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
Corruption Files Handling MP4 Memory Nullsoft Winamp bid:23723
Release Date
08/04/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Nullsoft