Intrusion PreventionPlaylist.Buffer.Overflow
Description
This indicates an exploit attempt against a Buffer Overflow vulnerability in various media player.
The vulnerability allows remote attackers to execute arbitrary code via a "m3u" or "pls" file containing an overly long line. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application, via a crafted file.
Affected Products
Nullsoft Winamp 5.094 and 5.12
Apple iTunes 4.7
Apple iTunes before 9.0.1
KUDRSOFT AudioPLUS 2.0.0.215
Sony SonicStage CONNECT Player (CP) 4.3
AtomixMP3 2.3
COWON America jetAudio Basic 7.0.3
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2023-04-03 | 23.527 | Sig Added |
| 2021-09-01 | 18.150 | Sig Added |
| 2020-12-21 | 16.983 | Sig Added |
| 2020-10-22 | 16.948 | Modified |
| 2020-10-20 | 16.946 | Sig Added |
References
http://www.exploit-db.com/exploits/19322/| ID | 11707 |
| Created | Feb 14, 2006 |
| Updated | Apr 17, 2023 |
| Risk |
|
| CVE ID | CVE-2013-7409 CVE-2018-19357 CVE-2007-5487 CVE-2013-6874 CVE-2007-4803 CVE-2007-5709 CVE-2005-3188 CVE-2009-2362 CVE-2005-0043 CVE-2006-0476 |
| Exploit Prediction Score | 72.53% |
| Default Action | pass |
| Active | |
| Affected OS | Windows |
| Affected App | Winamp, Other |