HTTP Winamp MIDI Timestamp BO

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a buffer overflow vulnerability in Winamp.

Additional Information

NullSoft Winamp is a media player application.

Winamp is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. This issue affects the 'in_midi' component. Specifically, the application converts MIDI file timestamps to a canonical format. During this conversion, the application fails to properly allocate stack-based memory for the timestamps of MIDI music files.

An attacker can exploit this issue by enticing an unsuspecting user to load a malicious MIDI music file.

Successful exploits will allow attackers to execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition.

Versions prior to Winamp 5.601 are vulnerable.

Affected

  • NullSoft Winamp 5.5.8
  • NullSoft Winamp 5.3.2
  • NullSoft Winamp 5.0 91
  • NullSoft Winamp 5.0 9
  • NullSoft Winamp 5.0 8c
  • NullSoft Winamp 5.0 8
  • NullSoft Winamp 5.0 7
  • NullSoft Winamp 5.0 6
  • NullSoft Winamp 5.0 5
  • NullSoft Winamp 5.0 4
  • NullSoft Winamp 5.0 3a
  • NullSoft Winamp 5.0 3
  • NullSoft Winamp 5.0 2
  • NullSoft Winamp 5.0 1
  • NullSoft Winamp 5.6
  • NullSoft Winamp 5.581
  • NullSoft Winamp 5.58
  • NullSoft Winamp 5.572
  • NullSoft Winamp 5.571
  • NullSoft Winamp 5.57
  • NullSoft Winamp 5.56
  • NullSoft Winamp 5.552
  • NullSoft Winamp 5.551
  • NullSoft Winamp 5.55
  • NullSoft Winamp 5.541
  • NullSoft Winamp 5.54
  • NullSoft Winamp 5.531
  • NullSoft Winamp 5.53
  • NullSoft Winamp 5.52
  • NullSoft Winamp 5.51
  • NullSoft Winamp 5.5
  • NullSoft Winamp 5.35
  • NullSoft Winamp 5.34a
  • NullSoft Winamp 5.34
  • NullSoft Winamp 5.33
  • NullSoft Winamp 5.32
  • NullSoft Winamp 5.31
  • NullSoft Winamp 5.3
  • NullSoft Winamp 5.24
  • NullSoft Winamp 5.23
  • NullSoft Winamp 5.22
  • NullSoft Winamp 5.21
  • NullSoft Winamp 5.2
  • NullSoft Winamp 5.13
  • NullSoft Winamp 5.12
  • NullSoft Winamp 5.112
  • NullSoft Winamp 5.111
  • NullSoft Winamp 5.11
  • NullSoft Winamp 5.10
  • NullSoft Winamp 5.094
  • NullSoft Winamp 5.093
  • NullSoft Winamp 5.091
  • NullSoft Winamp 5.09
  • NullSoft Winamp 5.08
  • NullSoft Winamp 5.07
  • NullSoft Winamp 5.06
  • NullSoft Winamp 5.05
  • NullSoft Winamp 5.04
  • NullSoft Winamp 5.03
  • NullSoft Winamp 5.02
  • NullSoft Winamp 5.01

Response

Updates are available; please see the references for more information.

Additional References