Intrusion Prevention

MS.Winamp.IN.CDDA.Buffer.Overflow

Description

This indicates an attempt to exploit a Buffer Overflow vulnerability in Winamp.
The vulnerability can be exploited via an ".m3u" playist file containing an overly long ".cda" file name, which can cause a stack based buffer overflow in "IN_CDDA.DLL" that may allow an attacker to execute arbitrary code on a vulnerable system.

Affected Products

Winamp 5.06 and prior versions.

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the appropriate patches or upgrade the system to the latest non-vulnerable version.

CVE References

CVE-2004-1119