Reported April 5, 2004, by NGSSoftware.

 

 

VERSIONS AFFECTED

 

·         Nullsoft Winamp 2.91 to 5.02

 

DESCRIPTION

 

A heap overflow condition in Nullsoft's Winamp Player versions 2.91 to 5.02 could cause execution of arbitrary code on the vulnerable system. The vulnerability results from a lack of boundary checking by the Winamp media plug-in in_mod.dll within the code that loads Fasttracker 2 (.xm) MOD media files. The discoverer's research team has proved that code execution is possible and that an attacker can activate a malicious media file remotely simply by rendering a specially crafted HTML document.

 

VENDOR RESPONSE

 

The vendor, Nullsoft has released Winamp 5.03, which is not vulnerable.

 

CREDIT

 

Discovered by NGSSoftware.