Winamp contains a buffer overflow vulnerability when processing a playlist that has a long file parameter. This may allow a remote unauthenticated attacker to execute arbitrary code on a vulnerable system.
Winamp is a media player for Microsoft Windows systems. It can play various types of media files, such as MP3s. Winamp was created by Nullsoft, which has been acquired by America Online.
A remote unauthenticated attacker may be able to execute arbitrary code by convincing a user to open a specially crafted playlist. This can be achieved by creating a specially crafted web page or other HTML document that may launch Winamp without any user interaction.
Install an update
This vulnerability was publicly disclosed by ATmaCA.
|Date First Published:||2006-01-31|
|Date Last Updated:||2006-02-23 18:17 UTC|