Intrusion Prevention

Winamp.Playlist.Buffer.Overflow

Description

This indicates an exploit attempt against a Buffer Overflow vulnerability in Nullsoft Winamp 5.094.
The vulnerability is caused because the vulnerable application fails to perform adequate boundary checks on user-supplied data. It allows remote attackers to execute arbitrary code via an "m3u" file containing a long line ending in ".wma", or a "pls" file containing a long "File1" value ending in ".wma". An attacker may gain unauthorized access to a computer with the privileges of the user that activated the vulnerable application by exploiting this issue.

Affected Products

Nullsoft Winamp 5.094

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Upgrade to version Winamp 5.13 or later.

CVE References

CVE-2009-2817