SkipNavigation
Home | FAQ | Contact | Privacy Policy
US-CERT
American Flag
  Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information


 
 View Notes By
  Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric
 Other Documents
  Technical Alerts

Technical Bulletins

Alerts

Security Tips

Vulnerability Note VU#372968

WinAmp contains a flaw in metadata handling in .mpa and .mp4 files

Overview

WinAmp contains a flaw which may allow an attacker to crash WinAmp remotely via .mpa or .mp4 files.

I. Description

Nullsoft's WinAmp Player, a popular multimedia system for Microsoft Windows, contains a flaw in the handling of the metadata (called "tags") contained within .mpa and .mp4 files. Invalid data within these files could crash WinAmp.

WinAmp is susceptible to a remote Denial of Service flaw if maliciously crafted .mp4 or .mpa files are loaded. This flaw could cause WinAmp to unexpectedly crash. Also, the flaw may be exploited in combination with the default setting for some web browsers to automatically open WinAmp playlist (.pls, .m3u) files without prompting. A malicious playlist, with pointers to remote files on the Internet, may be embedded in a web page specifically crafted to automatically load the playlist. As such, a user may unintentionally load a flawed mpa or .mp4 file by following an innocuous web link.

II. Impact

WinAmp may crash, resulting in a denial of service to the user running it.

III. Solution

Apply an update


This flaw has been corrected in WinAmp version 5.08c and later. Download and install the latest version from:

<http://www.winamp.com/player/>
Workarounds

Do not open .mpa, .mp4, .pls or .m3u files automatically with WinAmp in your web browser.
Do not open unknown .mpa, .mp4, .pls or .m3u files.

Of course, these recommendations always apply to any unknown files and file types. It is also always advised for all users to ensure their browser will prompt for the desired action (Save, Cancel, Open) with all filetypes that may load remote data, such as WinAmp .pls or .m3u playlist file types.

Systems Affected

VendorStatusDate NotifiedDate Updated
NullsoftVulnerable21-Feb-2005

References


http://forums.winamp.com/showthread.php?s=&threadid=202007
http://forums.winamp.com/showthread.php?s=&threadid=202799

Credit

This document was written by Ken MacInnis.

Other Information

Date Public:2004-12-22
Date First Published:2005-02-21
Date Last Updated:2005-02-21
CERT Advisory: 
CVE-ID(s): 
NVD-ID(s): 
US-CERT Technical Alerts: 
Metric:2.02
Document Revision:21

If you have feedback, comments, or additional information about this vulnerability, please send us email.
 

 
Page Corner Image
Copyright 2005 Carnegie Mellon University
Disclaimers and copyright information
Get Adobe Reader Get Adobe Reader