1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP Winamp Module Decoder BO

HTTP Winamp Module Decoder BO

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This Signature detects Winamp Module Decoder Plugin Buffer Overflow

Additional Information

Winamp is a multiformat media player for Microsoft Windows platforms.

Winamp is prone to multiple security issues that affect the Module Decoder ('IN_MOD.DLL') plugin Attackers may exploit these issues to cause heap-based buffer overflows.

1. Three vulnerabilities occur when parsing instrument definitions in Impulse Tracker files.

2. A vulnerability occurs when parsing samples in Impulse Tracker files.

3. A vulnerability when occurs parsing Ultratracker files.

4. An integer-overflow error occurs when parsing Oktalyzer files.

Attackers may leverage these issues to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.

These issues affect Winamp 5.56; prior versions may also be vulnerable.

Affected

  • Winamp 5.56
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube