Web Attack: Winamp MP4 File Parsing BO

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a buffer overflow vulnerability in Winamp.

Additional Information

Winamp is prone to a buffer-overflow vulnerability when it attempts to process certain files. This issue occurs because the application fails to properly check boundaries on user-supplied data before copying it to an insufficiently sized memory buffer.

Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the vulnerable application. Failed exploit attempts will likely result in denial-of-service conditions.

This issue affects Winamp 5.02 through 5.34.

UPDATE: The vendor states that this issue will be addressed in Winamp 5.35.

Affected

  • NullSoft Winamp 5.3.2
  • NullSoft Winamp 5.34
  • NullSoft Winamp 5.33
  • NullSoft Winamp 5.31
  • NullSoft Winamp 5.3
  • NullSoft Winamp 5.24
  • NullSoft Winamp 5.22
  • NullSoft Winamp 5.21
  • NullSoft Winamp 5.2
  • NullSoft Winamp 5.13
  • NullSoft Winamp 5.12
  • NullSoft Winamp 5.11

Response

The vendor released a patch to address this issue.