HTTP: Malformed Media Files Processing Remote Code Execution
This signature detects attempts to exploit a known vulnerability against Malformed Media File. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the affected application.
Extended Description
Nullsoft Winamp is prone to a denial-of-service vulnerability when processing malformed MIDI files. Successfully exploiting this issue allows remote attackers to crash affected applications. Code execution may also be possible, but this has not been confirmed. This issue is reported to affect Winamp 5.3; other versions may also be affected.
Affected Products
Nullsoft winamp
Short Name
HTTP:STC:DL:MAL-MEDIA-RCE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2006-3228 CVE-2007-1492 CVE-2007-2180 CVE-2007-3895 CVE-2008-4927 CVE-2008-5745 CVE-2009-3201 CVE-2010-0718 CVE-2010-1042 Code Execution Files Malformed Media Processing Remote bid:18507 bid:22938 bid:23568 bid:26804 bid:38733 bid:38837 bid:39489 bid:45221 bid:47084 bid:47088
Release Date
11/12/2012
Supported Platforms
srx-branch-19.3
vsrx3bsd-19.2
srx-19.4
vsrx3bsd-19.4
srx-branch-19.4
vsrx-19.4
vsrx-19.2
srx-19.3
srx-branch-12.3
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx-12.3
vmx-19.3
srx-12.3
Sigpack Version
3758
False Positive
Unknown
Vendors
Nullsoft
CVSS Score
9.3
7.1
4.3