Vulnerability Note VU#449092
AOL Nullsoft Winamp Lyrics3 heap buffer overflow
AOL Nullsoft Winamp contains a heap-based buffer overflow in the code that handles Lyrics3 tags. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.
Lyrics3 is a system for embedding the lyrics inside an MP3 song file. AOL Nullsoft Winamp fails to properly handle malformed Lyrics3 tags, allowing a heap-based buffer overflow to occur.
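An added example, not from CERT/CC, iDEFENSE or Nullsoft: a triage check that validates the length fields of a Lyrics3 v2.00 tag before a file is handed to a player. The layout follows the public Lyrics3 v2.00 format description; this note does not say which malformation Winamp mishandles, so flagging inconsistent or oversized length fields is an assumption, as are the function names and the constructed sample bytes.

```python
# Added example (not CERT/CC or Nullsoft code): structural check of a
# Lyrics3 v2.00 tag, using the layout from the public format description.
BEGIN, END_V2, ID3V1_LEN = b"LYRICSBEGIN", b"LYRICS200", 128

def check_lyrics3v2(data: bytes) -> list:
    """Return structural problems found; [] means absent or well-formed."""
    # When present, the tag sits directly before the 128-byte ID3v1 "TAG" block.
    end = len(data) - ID3V1_LEN if data[-ID3V1_LEN:][:3] == b"TAG" else len(data)
    if end < len(END_V2) or data[end - len(END_V2):end] != END_V2:
        return []
    size_pos = end - len(END_V2) - 6           # six-digit total-size descriptor
    size_field = data[size_pos:size_pos + 6] if size_pos >= 0 else b""
    if len(size_field) != 6 or not size_field.isdigit():
        return ["size descriptor is not six decimal digits"]
    start = size_pos - int(size_field)         # size counts LYRICSBEGIN + fields
    if start < 0:
        return ["declared tag size is larger than the file"]
    if data[start:start + len(BEGIN)] != BEGIN:
        return ["declared tag size does not land on LYRICSBEGIN"]
    pos = start + len(BEGIN)
    while pos < size_pos:                      # field: 3-byte ID, 5-digit size, data
        fid, num = data[pos:pos + 3], data[pos + 3:pos + 8]
        if pos + 8 > size_pos or not num.isdigit():
            return [f"bad field header at offset {pos}"]
        if pos + 8 + int(num) > size_pos:
            return [f"field {fid!r} declares {int(num)} bytes, overrunning the tag"]
        pos += 8 + int(num)
    return []

def sample(fields: bytes, declared=None) -> bytes:
    """Constructed test file: fake audio bytes + Lyrics3 v2.00 tag + ID3v1."""
    body = BEGIN + fields
    size = len(body) if declared is None else declared
    return (b"\xff\xfb" + bytes(64) + body + b"%06d" % size + END_V2
            + b"TAG" + bytes(125))

if __name__ == "__main__":
    for name, blob in [("well-formed", sample(b"IND0000200LYR00005hello")),
                       ("oversized field", sample(b"LYR99999hi"))]:
        print(name, check_lyrics3v2(blob))
```
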
This vulnerability may be triggered by persuading a user to access a specially crafted playlist file or connect to a malicious server with Winamp.
A remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system.
Links to malicious playlist files may be accessed using the Shoutcast (shout:) or Ultravox (uvox:) protocols. Disabling these protocols will reduce the chances of exploitation. This can be accomplished by deleting the following registry keys:
Do not open Winamp playlist files (.PLS or .M3U) from untrusted sources.
Systems Affected
| Vendor | Status | Date Notified | Date Updated |
|---|---|---|---|
| America Online, Inc. | Affected | - | 26 Oct 2006 |
This vulnerability was reported by iDEFENSE.
This document was written by Jeff Gennari.
- CVE IDs: Unknown
- Date Public: 25 Oct 2006
- Date First Published: 26 Oct 2006
- Date Last Updated: 08 Dec 2006
- Severity Metric: 14.39
- Document Revision: 25