OT Vulnerability In WinAmp

[Richard]

- Buffer overflow in Winamp -
Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com)

A vulnerability has been detected in version 5.05 and earlier of Winamp,
which could be used to compromise affected computers, according to Secunia.

The problem lies in a boundary error in the IN_CDDA.dll library. An attacker
could exploit this vulnerability to cause a buffer overflow in several ways,
such as tricking the user into visiting a malicious website containing a
specially-crafted m3u playlist. A successful exploit could allow the
attacker to run arbitrary code.

All users whose systems could be affected by this vulnerability are advised
to install Winamp version 5.0.6, which is available at:
http://www.winamp.com/player/

NOTE: The address above may not show up on your screen as a single line.
This would prevent you from using the link to access the web page. If this
happens, just use the 'cut' and 'paste' options to join the pieces of the
URL.

 

[=?ISO-8859-1?Q?=BBQ=AB?=]

- Buffer overflow in Winamp -
Oxygen3 24h-365d, by Panda Software
(http://www.pandasoftware.com)

A vulnerability has been detected in version 5.05 and earlier of
Winamp, which could be used to compromise affected computers,
according to Secunia.

The problem lies in a boundary error in the IN_CDDA.dll library.
An attacker could exploit this vulnerability to cause a buffer
overflow in several ways, such as tricking the user into visiting
a malicious website containing a specially-crafted m3u playlist. A
successful exploit could allow the attacker to run arbitrary code.

All users whose systems could be affected by this vulnerability
are advised to install Winamp version 5.0.6, which is available
at: http://www.winamp.com/player/

According to the guy who found it, this vulnerability has been
confirmed in 5.0.6, though NullSoft claims it was fixed.

<http://secunia.com/advisories/13269/>

Description:
Brett Moore has reported a vulnerability in Winamp, which can be
exploited by malicious people to compromise a user's system.

The vulnerability is caused due to a boundary error in the
"IN_CDDA.dll" file. This can be exploited in various ways to
cause a stack-based buffer overflow e.g. by tricking a user into
visiting a malicious web site containing a specially crafted
".m3u" playlist.

Successful exploitation allows execution of arbitrary code.

The vulnerability has been reported in version 5.05 and confirmed
in version 5.06. Prior versions may also be affected.

Solution:
Disassociate ".cda" and ".m3u" extensions from Winamp.

Provided and/or discovered by:
Brett Moore, Security-Assessment.com.

Changelog:
2004-11-24: Changed "Solution" and "Solution Status". According
to the discoverer, the vulnerability has contrary to vendor
statements not been fixed in version 5.06. 2004-11-25: Escalated
criticality as exploit code is available.