HTTP: WinAmp IN_CDDA.dll Buffer Overflow (1)
This signature detects the download of a maliciously crafted WinAmp playlist file. Attackers using WinAmp to open this file can execute arbitrary code.
Extended Description
A remote buffer overflow vulnerability affects the IN_CDDA.dll library of Nullsoft's Winamp. This issue is due to a failure of the application to properly validate the length of user-supplied strings prior to copying them into finite process buffers. The issue would most likely be exposed through a malicious playlist designed to trigger the issue. An attacker may exploit this issue to execute arbitrary code with the privileges of the user that activated the vulnerable application.
Affected Products
Nullsoft winamp
Short Name
HTTP:STC:WINAMP:CDDA-OF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
(1) Buffer CVE-2004-1119 IN_CDDA.dll Overflow WinAmp bid:11730
Release Date
12/02/2004
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3724
False Positive
Unknown
Vendors
Nullsoft
CVSS Score
10.0